Location: Boston, USA Work Schedule: Hybrid (2-3 days onsite, with the rest remote) Travel: up to twenty-five% Duration: 12 months with the likelihood of extension
Role Synopsis :
The Senior OT Security Officer works closely with the OT Security Project Manager and OT Security Region Manager, supporting Asset Projects in the implementation phase. The Senior OT Security officer is responsible for activities such as supporting the development of risk assessment mitigation planning, supporting SMEs in other teams in understanding OT Security requirements, describing and advising on implementation, taking part in verification activities at FAT/SAT/SIT and providing assistance in the preparation of reports, as well as reviewing reports generated by other teams in support of verification activity. The Senior OT Security Officer will also work closely with other business functions to further develop OT Security maturity in the organization and support key activities in Product Lines, assisting in developing consistent security services across the organization and with vendors.
Responsibilities:
Project OT security and compliance planning, including defining OT security objectives and KPIs at PL and AP. level and supporting OT security objectives at the package level
Establish, implement, and maintain OT security management system at/PL. level providing a framework for all packages/modules. Communicating and describing OT security objectives at the package level
Support verifying OT Security requirements, related processes, and controls implemented at project and package levels.
Advise, assist, and follow up on the module/packages team members concerning OT security matters and implementation of requirements.
Ensure the OT security management system at the AP/PL level addresses the relevant compliance and OT security issues.
Assist in developing OT security prioritisations in AP and PL, supporting communication and prioritization of OT security issues within the PL/AP and to parties outside the projects.
Propose prioritising OT security initiatives, support implementation at the project level, and follow up on corrective and preventive actions at the AP/PL level.
Ensure that the chosen OT security solutions at both the project/product line and package levels are signed off by the EPC OT Security area.
Ensure that gaps between chosen OT security solutions of AP/PL and the process landscape in Operations are documented and communicated to AP/PL and O&M management in such a way that the gaps are specific and actionable
Exposure to the Energy Industry, especially any dealings with national critical infrastructure.
Assist the OT Security Project Manager and OT Security Region Manager in preparing and following up on the OT Security Implementation Plan for each package/module.
Support OT Security Region Manager in assessing OT security requirements, implementation, and compliance.
Support the facilitation of OT security risk assessments at the module/package level to identify critical activities or interfaces and verify that relevant parties carry these out.
Perform OT security progress and verification reporting in line with the OT Security implementation Plan requirements and ensure that.
Represent the OT Security team within relevant PL activities such as vendor workshops.
Support in the creation of verification documentation to assist the handover process with transfer management and O&M organization
Requirements:
Science, Technology, Engineering, or Mathematics Qualifications (Bachelor’s) Required
5-6 years of work experience with or adjacent to operational technologies, Utilities/Transmission/Distribution experience.
A good understanding of SCADA, PLC, and Automation Networks essential
Strong knowledge of security concepts and frameworks related to OT Systems
Understanding of Legislation relating to Critical National Infrastructure
Should have experience with leading the implementation of complex solutions in challenging environments
Experience working in complex teams along with end users of solutions, particularly in an operational environment
Desired experience:
Understanding network and systems security, systems and configuration, and application security.
Exposure to the Energy Industry, especially any dealings with national critical infrastructure.