Position Description
As a team member of the Cybersecurity, Risk, Business Continuity & GDPR Team, you will be required to support the Business Continuity & Cyber Security Assurance Manager to protect ESB Networks from Cybersecurity & GDPR risks and enhance ESBN’s compliance in line with our Regulatory obligations under Cybersecurity, Risk, Business Continuity and GDPR. As part of this role, you will be supporting the OT Cybersecurity Lead for ESBN to oversee the compliance of the Cyber Security approach for the business, as well as managing Business Continuity and Risk Management improvement processes by liaising with all business lines within ESB Networks to align to the organisational priorities and standardised approach. You will also promote awareness of strategic initiatives and encourage self-sustaining security practices and behaviours within delivery teams.
Key Responsibilities
Key responsibilities for this role include but are not limited to:
1. Support the development of OT Cybersecurity standards and baselines in coordination with OT Cybersecurity Lead.
2. Conduct and lead comprehensive assessments of information security and privacy policies and procedures against applicable regulations, laws, policies and standards.
3. Collaborate with broader CIO and Networks teams to embed new processes and procedures into the Networks business with appropriate governance.
4. Engaging with business units, measuring KPIs, running engagements with NCSC supporting completion of corrective action plans with Enterprise Services.
5. Active involvement in overall Cybersecurity Governance incl. Design Authority and/or Cybersecurity Governance meetings to adhere to the model.
6. Lead weekly meetings along with the Cyber Security Manager and OT Cybersecurity specialists from all the units to discuss security concerns on a common platform.
7. Co-ordinate the smooth flow of information from the enterprise and security council to the Business units to detect, investigate, resolve and communicate information incidents.
8. Aligning IT/OT risk management to the organisation's overall approach and ensuring process implementation and training.
9. Maintain, develop, review, and update the business continuity plans in alignment with ISO standards & best practice.
Knowledge, Skills, and Experience
Essential
10. Expert knowledge in IT/OT security best practice and solutions.
11. High level understanding of general OT Cybersecurity knowledge.
12. In depth knowledge of industrial control systems.
13. Understanding of project management principles.
14. Ability to demonstrate understanding of vulnerability remediation.
15. Experience in compliance auditing frameworks.
Desirable
16. Should be certified or have relevant experience in (ISO27001, ISO9001, IEC62443, NERC CIP, NIS D, NIST SP 800-82, SP 800-53).
17. Knowledge of OWASP Top 10.
18. Certified Information Systems Security Professional (CISSP) or equivalent.
19. Ability to work in a team environment.
20. Ability to take initiative and be proactive.
21. Experience in increasing levels of managing/leadership.
22. Complex problem-solving and analytical skills.
23. Creative and critical thinking skills.
Qualifications
Degree in related discipline.