Operations and technicians
Cybersecurity Risk Management Expert in OT Operations
Imagine a future where you increase resilience towards cyber threats and help demonstrate that green energy is a stable and trusted energy source
Join us in this role where you’ll work closely with IT, engineering, and OT experts and with corporate security functions to help develop and strengthen the cybersecurity posture and compliance in offshore windfarm operations. In this way, you’ll foster the cybersecurity risk culture and approach, assess our risks, drive risk treatment activities, and develop the methodology and processes within the context of offshore wind farm operations, where the cyber threat landscape and compliance requirements are constantly increasing.
Welcome to Operational Technology & Security Product Line
You’ll be part of Operational Technology & Security team where you, together with your colleagues, will be supporting central offshore wind farm operations. You’ll be an expert with strategic competencies, who manages complex requirements and bridgehead OT operations security activities with formal information security management processes to strengthen compliance with a couple of international and national standards in energy generation and critical infrastructures. As a team, we have a culture of learning and improvement, work as a team and help across, and have a flexible working environment.
You’ll play an important role in:
- developing the cybersecurity risk management process and the methodology (ISO27005, IEC62443), as well as improving the overall risk management process performing cybersecurity risk assessments, incl. detailed threat and vulnerability analyses, and maintaining a risk register and reporting to provide clear risk pictures for stakeholders
- consulting the Operations teams to define optimised technical and organisational measures, incl. improvements of operational processes, security architectures, and IT/OT- integration
- preparing risk management and its artefacts for audits according to different national standards, e.g., the UK NIS CAF, the US NERC CIP, the German IT Sicherheitskatalog, and ISO27001
- managing and coordinating actions and measures resulting from audits and cybersecurity risk assessments.
To succeed in the role, you:
- possess good knowledge of Information Security and IT Security Management and sound knowledge and experience in information or cybersecurity risk management
- possess knowledge and understanding of, and ideally prior experience with IT/OT operations, SCADA and electrical systems, and network architecture
- possess sound knowledge of industrial security standards and control frameworks, e.g., ISO/IEC27001, 27005, the NIST Cybersecurity Framework, the ISA/IEC62443 series, and are willing to learn about and familiarise yourself with national security standards, e.g., the NIS CAF, NERC CIP, or the German IT Sicherheitskatalog
- have good communication, social, and presentation skills, which you can use effectively for active networking with stakeholders in all areas of the organisation
- have very good analytical skills and can combine expert knowledge with strategic thinking and the ability to abstract complexity.
Join a global leader in renewable energy
Ørsted is a growing green energy major and global leader in climate action. With us you’ll play a part in driving change towards a green energy future. You’ll grow your talent in a fast-paced and high-growth industry where you have plenty of opportunities to learn and develop through challenging assignments and industry-leading experts. Here, you can perform in a friendly work environment based on trust, respect, and collaboration.
Shape the future with us
Send your application to us no later than 28 April 2023.
We’ll be conducting interviews on a continuous basis and reserve the right to take down the advert when we have found the right candidate.
Please don’t hesitate to contact Joergen Moeller Nielsen, Head of OT and Security, on (Denmark +45) 99559798 on Mondays and Wednesdays between 10:00-15:00 CET, if you’d like to know more about the position. If you need to request any adjustments to working practices, working patterns, or the assessment or interview process, we're happy to discuss alternative arrangements.
Please note that for your application to be taken into consideration, you must submit your application via our online career pages and answer the screening questions relevant for your country.