IT-OT Cyber Security Lead
Role details
Job location
Tech stack
Job description
The IT/OT Cyber Security Lead is responsible for research, development, implementation, testing and reviewing SBM's Industrial Control Systems Security.
This role requires interacting with all the functions of the OT and IT Teams to protect the systems and improve the overall cyber security posture., * Assume leadership in implementing approved standards and best practices for the secure integration of operational technology (OT) and information technology (IT) infrastructure.
- Conduct functional and gap analyses to assess the degree of compliance of key business areas and infrastructure with statutory and regulatory requirements.
- Take the lead in developing, adopting, and enforcing security policies, procedures, and standards for both OT and IT.
- Regularly assess the overall security posture to mitigate cyber exposure risk while maintaining optimal operational performance.
- Evaluate and propose new cybersecurity technologies and countermeasures to mitigate threats to the confidentiality, integrity, and availability of systems.
- Aid in the selection of vendor products and collaborate with internal stakeholders to generate or procure the necessary artifacts for expedited technical implementation.
- Coordinate with relevant internal teams and conduct cross-functional assessments to ensure that proposed solutions align with the company's security principles.
Expected Outcomes & Impacts
The performance of the IT/OT Cyber Security Lead will be measured on business impact (business outcomes achieved or affected), by connecting IT/OT initiatives to stakeholders' mission-critical priorities.
- Impact metrics: Business impact / Risks quantification and mitigations / Compliance with governance models.
- Progress metrics: IT/OT Initiatives quality / Time from insight to action / Cybersecurity maturity level.
Requirements
The IT/OT Cyber Security Lead must have a good understanding of business objectives and goals, industry domain expertise, Industry Control Systems' knowledge, methods, and techniques.
A high priority in this role is to ensure business continuity. This is accomplished by anticipating technical security risks and securing all critical working environments. This role will oversee and/or assist in performing on-going security monitoring of organization systems.
The IT/OT Cyber Security Lead must have excellent interpersonal and leadership skills with a focus on stakeholder engagement and communication., * A degree in Engineering (Electrical or Computer), Computer Science, or equivalent.
- Relevant Industry certifications: GICSP, GCIP, GRID, CISSP (preferred but not mandatory).
- 5 or more years of combined experience in the fields of OT and IT.
- 4 or more years of relevant experience in OT or Industrial Control Systems Security, preferably in the Energy sector (specifically in the Oil & Gas industry).
- Experience in integration and operation of Industrial Control Systems Security.
- Experience with OT networking and knowledge of the Purdue Model.
- Deep understanding of ISA/IEC 62443 and NIST SP 800-82.
- Knowledge of NIS2 directive.
- Experience in design and management of Information Security solutions.
- Experience with working with global teams in various time zones.
