Local Information Security Officer
Permanent Staff Position
Reporting to the global CISO, you will act as the local lead on cyber security within the North West Europe (NWE) region. You will support the business units in the NWE region in the application of the group cyber security policies, procedures, and processes. You will also ensure compliance with applicable cyber security laws, regulations, and best practice. You will help enable the business to operate with a balance for the need to ensure security of the organisations business, personnel and third-party information.
- To ensure the inclusion of cyber security principles and best practice in IT/OT projects.
- To drive cyber security improvements across the IT/OT environments in the NWE region.
- To act as the link between the global cyber security team and the NWE region business units.
- To act as the lead on cyber security risk within the NWE region.
- To act as the cyber security subject matter expert within the NEW region.
- To act as the primary cyber security contact between NWE region business units and third parties such as government and regulators.
- To support cyber security audits, compliance exercises, and assessments.
- To develop strong relationships with all stakeholders within the Company.
- To develop effective relationships with third party cyber security providers and ensure delivery of the required services to the NWE region.
- Report on activities and provide relevant management information.
- Providing technical input on cyber security to internal project teams both within and outside own functional area.
- To monitor sources of cyber security intelligence and to ensure actions are taken to maintain and improve the cyber resilience of systems and services based on the current risk profile to the organisation and sector.
- Contribute to the delivery of applicable budgets for IT/OT
- Work to standard, procedures and work instructions for Safety Critical Tasks in order to meet COMAH requirements.
- Ensure all tasks carried out conform to company policies, procedures and systems.
- Comply with the Values and Fundamental Principles of the business.
- Be responsible, regardless of position, for the health, safety and security of yourself, colleagues and customers in accordance with the business and HSEQ principles.
- Be individually responsible for bringing to the notice of Line Management any potential hazard to health, safety or the environment of which you know or learn, in order that the hazard can be eliminated or significantly reduced; and for reporting any incidents relating to work activities.
Your education, experiences and skills
Educations, Training and Qualifications:
- Educated to degree (or equivalent) level in a relevant technology or cyber security subject or demonstratable experience of all aspects of cyber security in a relevant role
- A minimum of 3 years' experience in the application and management of cyber security principles and process in technology systems and networks
- A minimum of 3 years' experience in the application and management of Cyber Security in Microsoft environments.
- Experienced in the creation, application, and lifecycle of Cyber Security policies and procedures.
- Experienced with the application of Cyber Security principles to the design and implementation of ICS/SCADA systems.
- Experienced in the assessment, management, and lifecycle of Information Security Risks.
- Experienced in the management of Cyber Security audits and actions.
Skills and Knowledge:
- Managing information security.
- Risk assessment and Management.
- ISO27001, NIST, ISA99/IEC6443, NCSC Cyber Assessment Framework (CAF), and other information security standards.
- Familiarity with NIS, GDPR, and COMAH/HSE Cyber Security requirements/legislation would be appreciated.
- Knowledge of the cybersecurity market and vendors.
- Understanding of secure design principles for technology systems.
- Project management and goal-oriented background.
- Knowledge of security applications, hardware platforms, models, and deployment methods.
- Knowledge of Operational Technologies, Industrial Control Systems, SCADA, etc.
- Management of Cyber Security assessments and compliance exercises.
Other Specific Requirement:
- Full driving Licence
- Report writing skills
Petroplan is the trusted, specialist global Talent Solutions partner of choice for employers and professionals in the Energy sector. Since 1976, Petroplan has been here to help people like you make the most of the opportunities available and find the best fit for you as an individual.
Over 10,000 placements in more than 55 countries for over 550 clients across 65 disciplines.
In an industry where skilled and experienced professionals are increasingly sought after resource, we appreciate the true value of what you have to offer. What's more, we understand that different things are important to different people in today's world of work - it's about making exactly the right connections for you as an individual.
Our reputation for contractor and candidate care, understanding what makes you tick, and finding you the best match is second-to-none. We understand the industry inside-out and seek to understand YOU and your motivations in the same way. We take the time to evaluate your individual strengths, understand the most important things to you, and establish exactly what you're looking for from your next role.