Engineering and construction

Join us in this role where you’ll be leading UKW hub national critical infrastructure with cyber secure generation. You will be leading in all areas of Information Security Management system across the region, initiating improvements of the system, and reporting from the system. This also includes ensuring that the implemented ISMS controls fulfil organisational and country-specific legal requirements where ISMS is implemented.

Welcome to UK West Engineering
You’ll be part of UKW Engineering team where you, together with your colleagues, will ensure secure, reliable generation from our European assets. You will ensure the best possible handling and improvement of cybersecurity and ensure compliance towards applicable country-specific legal requirements where ISMS is implemented. You’ll secure the lowest possible operating costs and consistently deliver high-quality results at the right time.

You’ll play an important role in:

• maintaining and improving the cybersecurity risk register, including conducting risk identification, developing improvement roadmap and conducting follow-up workshops with relevant parties

• owning regional technical cyber security risks in close collaboration with Quality & Risk team. Developing, securing budget and implementing risk treatment plans

• defining effective business continuity plans for SCADA IT/OT systems, maintaining them and implementing them in emergency scenarios, leading event recovery sessions in relation to area of expertise

• facilitating and supporting regional hub initiatives on continuous improvement of ISMS, including instructions, controls, reports, training, or other work related to ISMS

• ensuring development and roll-out of training to all involved functions as well as supporting relevant teams in the implementation of ISMS requirements

• establishing, conducting, and following up on regional audits (internal & external) and management reviews in accordance with requirements in ISMS.

To succeed in the role, you: [HFJ1] 

• hold a degree in Information Security, Cybersecurity, Computer Science, or a related field

• are proficient in cyber security in IT/OT environments, preferably with in-depth knowledge on ISO27001/27019 and IEC62443. National requirements such as NIS-CAF would be advantageous

• possess relevant cybersecurity certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC)

• bring prior experience working independently in the energy sector, particularly in a regulated environment such as utilities, renewable energy, or oil and gas

• are proficient in risk assessment methodologies, security controls, and incident response management

• demonstrate ability to work effectively with external vendors and internal stakeholders to achieve security objectives.

Maybe you’ve read the above and can see you have some transferable skills, even though they don’t quite match all the points. If you think you can bring something to the team, we still encourage you to apply.

Shape the future with us
Send your application to us as soon as possible. We’ll be conducting interviews on a continuous basis and reserve the right to take down the advert when we’ve found the right candidate.

As an applicant or employee, you may request reasonable work and position accommodation or adjustments via accommodation@orsted.com.

Please note that for your application to be taken into consideration, you must submit your application via our online career pages and answer the screening questions relevant for your country. We don't take applications or inquiries from external recruiters or agencies into account for this position.