Cyber Security Lead

This permanent role is pivotal in developing, implementing, and managing cybersecurity strategies to protect critical national infrastructure systems, ensuring compliance with key regulatory requirements.

• Lead the design, implementation, and upkeep of the OT Cybersecurity Management System and policies to OG86 and IEC(phone number removed)-1 compliance.
• Conduct risk assessments and threat modeling for OT environments in accordance with IEC(phone number removed)-2.
• Manage NIS compliance for OT Networks and produce the NIS annual report.
• Collaborate withOT Engineers to manage security controls for ICS, SCADA, and other OT systems.
• Oversee incident response and recovery procedures for OT-related cyber events reported by 24/7 OT SOC.
• Develop and deliver OT cybersecurity awareness and training programs.
• Monitor and report on OT cybersecurity posture and KPIs to senior leadership.
• Represent OT Cybersecurity in the Refinery change control process.

• A bachelor's degree in Cybersecurity, Computer Science, Engineering, or a related discipline.
• Relevant certifications such as GICSP, CISSP, CISM, or ISA/IEC 62443 are preferred.
• Significant experience working in cybersecurity or operational technology (OT) environments within critical national infrastructure (CNI) sectors such as power, oil & gas, transportation.
• Strong understanding of industrial control systems (ICS) and communication protocols such as Modbus, OPC, and DNP3.
• Proven experience with OT network architecture, including network segmentation, firewalls, and secure remote access.
• Practical knowledge of key regulatory and compliance frameworks, including COMAH, NIS, HSE OG86, and ISO/IEC 62443.

• Strategic thinking and leadership
• Strong communication and stakeholder engagement
• Analytical and problem-solving skills
• Ability to work under pressure in high-risk environments
• Ability to manage OT Cybersecurity projects
• Collaborative mindset across multidisciplinary teams

• Experience in oil & gas, energy, utilities, or manufacturing sectors.
• Hands-on experience with OT security tools (e.g., Claroty, Dragos).
• Participation in cyber incident simulations or red/blue team exercises.