Back to job search

OT Security Manager

  • Location:

    Scotland

  • Job type:

    Permanent

  • Salary:

    £75000 - £92000 per annum + plus bonus + car / car allowance

  • Contact:

    James Hepburn

  • Contact email:

    jhepburn@headresourcing.com

  • Job ref:

    BBBH37036_1694776440

  • Published:

    18 days ago

  • Expiry date:

    2023-10-15

  • Startdate:

    ASAP

  • Client:

    Head Resourcing


OT Security Manager - Hybrid, anywhere in Scotland
Up to £92,000 + car / car allowance + performance related bonus

Head Resourcing are delighted to be partnered with a leading energy company who are on a journey to net zero. We are recruiting for an OT Security Manager to join them at this exciting stage, working to safeguard their security.

This is a hybrid role with 1-2 days in the office and the rest of the week working from home. The client has a number of offices in Scotland so the successful candidate can be based anywhere within a commutable distance to Scotland.

As OT Security Manager, you will ensure compliance with the NIS Directive, the establishment and maintenance of policy and procedures around governance, risk assessment, lifecycle management, verification and vetting, training and awareness, managing vulnerabilities, incident response, the investigation of cyber security incidents and managing lessons learned.

The role also includes working with service and project teams within Operational Technology to ensure that designs and architecture meet security requirements.

Critically, the role includes the real time management of cyber security incidents, assessing attack vectors and associated vulnerabilities to protect the company Operational Technology systems.

Key Responsibilities:

- Oversee planning, design, implementation, testing and operation of cyber security processes and systems for Operational Technology to verify the security of systems, networks and applications, and manage the remediation of identified risks.
- Have in-depth knowledge of and be proficient in performing risk, business impact, control and vulnerability assessments.
- Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
- Manage third parties delivering services to ensure that risks are maintained within acceptable thresholds.
- Lead a team of service owners responsible for secure configuration and management of solutions to address the security requirements such as:
Secure Remote Access
Device Management
Apply Anti-virus / Endpoint detection and response
Removable Media Hygiene Devices
Intrusion Detection Systems
- Logging/Monitoring Alerting Capabilities Feed Anomalies to SIEM managing and coordinating operational components of incident management, including detection, response and reporting.
- The ability to translate and simplify complex technical information to a wide range of audiences including internal and external stakeholders.

Experience Required:

- Extensive experience with Operational Technology (experience in a Critical National Infrastructure environment is a plus).
- Have an understanding of all relevant legal and regulatory requirements, such as the UK Data Protection Act, GDPR, DPDI, NIS, and the critical roles and functions undertaken by departments such as DECC/OFGEM/CPNI.
- Strong leadership skills and extensive experience of managing a security team, setting up and managing a cyber security program, including the establishment and operation of an information security management system.
- A good understanding of security standards and frameworks in particular NIST SP 800-82.
- Relevant educational qualification or equivalent by experience with one or more professional certifications, such as GICSP, CSSA, GRID, CISSP, or ISA 62443 or be willing to obtain it.

If this job isn't the one for you, then don't worry we have lots more opportunities available!