Senior OT GRC Specialist
Due to the rapid growth taking place at Tekgem, we are looking to expand our Governance, Risk & Compliance (GRC) team and have roles available for a senior OT GRC specialist who is able to hit the ground running.
Responsibilities
* Assist in developing and implementing internal business processes to streamline operations within the GRC team.
* Participate in customer engagements to gather initial requirements and support the creation of proposals for work.
* Independently conduct IACS health checks and risk assessments.
* Drive the design process for new technical solutions based on GRC outputs and outcomes for customers/clients.
* Act as a mentor for junior team members, including apprentices, to support their development and career growth.
* Work with the commercial team to provide input on technical quotes and ensure accuracy and feasibility.
* Assist the GRC Lead and operations manager in planning and coordinating GRC-related projects.
* Support the management of IACS governance projects, serving as a point of contact for specific project deliverables.
* Stay updated on preferred Tekgem technologies and regulatory changes to ensure team-wide awareness and compliance.
* Assist in maintaining and updating standard procedures for routine configuration tasks within the GRC function.
* Contribute to the development and delivery of internal training programs for GRC and engineering staff.
* Provide expert guidance to customers on regulatory compliance matters in alignment with GRC best practices.
* Act as an escalation point for complex issues, ensuring they are addressed in a timely and effective manner.
* Identify opportunities to improve working practices and contribute to the implementation of these improvements.
* Conduct and support investigations, lead lessons learned sessions, and perform root cause analysis (RCA) for incidents and service delivery improvements, providing actionable recommendations to prevent recurrence.
* Take ownership of maintaining and managing Tekgem or client documentation, ensuring it is accurate, up-to-date, and compliant with internal and client-specific requirements.
* Support the GRC Lead in setting SMART goals for the team and monitoring progress toward achieving them.
* Promote a collaborative and inclusive team culture, ensuring effective communication and mutual support.
* Collect and analyse performance data to provide insights and recommendations for improving project delivery outcomes.
Skills
* In-depth knowledge of securing infrastructure & networks, including IACS-specific environments.
* An awareness of current IACS regulatory requirements and best practices (HSE-OG-0086, NCSC CAF, IEC 62443, NIST, etc.).
* Possess and apply advanced knowledge of cybersecurity frameworks, standards, and practices to analyse risks, guide compliance efforts, and mentor junior team members on cybersecurity topics.
* Excellent attention to detail.
* Excellent analytical skills to understand and digest customer requirements and to anticipate potential problems and solutions.
* Ability to delegate tasks within the team.
* Ability to write, review and approve technical documentation and proposals.
Qualifications
* Minimum 5 years' hands-on experience working in an OT cybersecurity role.
* ISC2 CISSP or equivalent.
* CompTIA Cyber Security Track (up to CySA+) or equivalent (e.g., CySA+, PenTest+, GSEC) dependent on discipline background.
* GICSP, or alternative Industrial Specific Cyber Certification.
Company Benefits
Location: Hybrid, with occasional travel expected to client sites or the Tekgem office in Sedgefield.
Salary: Above industry average, negotiable based upon experience.
Other Benefits: travel allowance, private health and dental care, professional development program, company pension scheme, up to 10% performance bonus.
Seniority level
Mid-Senior level
Employment type
Full-time
Job function
Information Technology