OT Security Risk Manager - Hybrid/Warwick - £80k

OT Security Risk Manager - Warwick

Job Title: OT Security Risk Manager

Location: Hybrid/Warwick - 2 days in office per week

Contract Details: Full-time, Permanent

Salary: £60,000 - £80,000 annually

About Our Client:

Our client, a prominent player in the Utilities sector, is dedicated to facilitating safe, dependable, and efficient energy connections. They uphold a steadfast commitment to operational excellence, ensuring the seamless functioning of their energy network to deliver high-quality service to their customers.

Responsibilities:

As the OT Security Risk Manager, you will lead the Security Risk Team, responsible for evaluating cyber and physical risks and providing data-driven insights to guide strategic decision-making. Focusing on Operational Technology (OT) and its associated IT ecosystems, including control centres, Optel Network & Services, critical data centres, and substations, you will develop an overarching cyber risk management strategy and establish a cohesive framework.

Your responsibilities will include:

Crafting and implementing the company's OT Cyber Risk Framework
Establishing uniform protocols for identifying, documenting, and addressing OT Cyber Security risks company-wide
Engaging with senior leadership and external stakeholders to align on the organisation's Cyber Risk Framework
Collaborating with interdisciplinary teams to devise customised risk management solutions tailored to specific cyber challenges
Supervising a team of specialists in Operational Technology Cyber risk management
Delivering comprehensive reports on risk assessment, mitigation strategies, and investment priorities

Essential Skills, Qualifications, Experience:

Proven track record in applying risk assessment methodologies such as NIST 800-30, ISO27005, IEC 62443, FAIR
Familiarity with industry best practises and security control frameworks including NIST 800 53, ISO 27001, IEC 62443, NIST CSF, NCSC CAF
Experience implementing security risk management frameworks such as NIST 800-39, 800-37
Ability to effectively communicate complex concepts to senior stakeholders
Basic understanding of ICS/SCADA frameworks like the IEC 62443 framework

Desirable Skills, Qualifications, Experience:

Knowledge of UK Network & Information Systems (NIS) Regulations
Previous involvement in Cyber Security initiatives
Familiarity with MITRE ATT&CK framework
Prior experience in risk management within an Operational Technology environment
Leadership and team management experience, preferably in critical infrastructure settings
Proficiency in Microsoft Office Suite, particularly Excel and SharePoint
Familiarity with Power BI and Visio
Relevant Information Security certifications such as CISSP, CISM, CISA
Ability to obtain and maintain security clearance

Technologies:

Cyber Security
Risk Management
Cyber Risk
NIS Regulations
Client Engagement
Team Leadership (Direct supervision of 6 staff, oversight of 10-20)
Continuous Improvement
Centralised Security
Governance Meetings
Control Centres
Critical Data Centres
Substations
Optel Network and Services

How to Apply:

If you possess a strong background in Risk Management and are committed to safeguarding critical systems in the Utilities sector, we invite you to apply. Please submit your updated resume along with a cover letter highlighting your relevant expertise and qualifications.

Adecco is a disability-confident employer. It is important to us that we run an inclusive and accessible recruitment process to support candidates of all backgrounds and all abilities to apply. Adecco is committed to building a supportive environment for you to explore the next steps in your career. If you require reasonable adjustments at any stage, please let us know and we will be happy to support you.

KEYWORDS:
Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical / Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical / Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical / Cyber Security / Cyber Sec / Risk Management / Risk / Cyber Risk / NIS Regulations / Network and Information Systems Regulations / Client Liaison / Team Lead / Continuous Improvement / Central Security / Governance Meetings / Control Centres / Critical