Skip to content

RIIO-2 Cyber Security submissions review – Role 1 (CSC)

Closing date for applications: 01/11/2019
OVERVIEW OF ROLE
Specialist role
 Cyber security consultant
Summary of the work
 Review the submissions, visit the OES, facilitate workshops, ask pertinent questions on the submission in order to establish and confirm their response. One of the key outputs is to produce a decision paper for each of the assigned OES. Able to develop and retain relationships with the OES staff.
Latest start date
 25/11/2019
Expected contract length
 50 days
Location
 London
Organisation the work is for
 Gas & Electricity Markets Authority (Ofgem)
Maximum day rate
 Please specify required day rate
ABOUT THE WORK
Early market engagement
 -
Who the specialist will work with
 The Specialist will be working with other Cyber Security specialists working on the RIIO2 OES submissions. The NIS Regulations impose new duties on Operators of Essential Services (“OES”) and give relevant Competent Authorities (“CAs”) new powers and responsibilities to ensure OES are meeting those duties. Ofgem is a joint CA with BEIS, for the Downstream Gas and Electricity sectors in Great Britain.
What the specialist will work on
 1. Industrial Cyber Security Specialist (x1 resource) A recognised specialist in the field of industrial control systems security. This resource will assist & review the technical aspects of the OES’s submissions, ensure alignment with NIS requirements, provide guidance and industry best practice and challenge when necessary. Candidate needs experience in the industrial cyber security space & ideally in the Energy sector, leveraging a track record of successful project implementations and deployment of transformation programmes in this field. This role will require a broad range of experience in bringing together people, processes & technology, attention to detail and senior stakeholder management.
WORK SETUP
Address where the work will take place
 The majority of the reviews will take place on Ofgem's premises at 10 South Colonnade, Canary Wharf, London E14 4PU
Working arrangements
 The contract will be for total of 50 input days starting in November 2019. The selected company/candidate must be available to commence this assignment on mid November 2019 and be available until late January 2020.
Security clearance
 Staff visiting Ofgem’s & OEM’s premises shall hold at least a minimum of BPSS (Baseline Personnel Security Standard) level security clearance. The Contractor is responsible for obtaining clearance for all Staff and shall bear all costs associated with the clearance process.
ADDITIONAL INFORMATION
Additional terms and conditions
 -
EVALUATION CRITERIA
How many specialists to evaluate
 6
Cultural fit criteria
 Be able to engender confidence with OES and Ofgem Work well under pressure Take responsibility for delivering successfully Work well in a transforming environment Work well in a team and autonomously
Assessment methods
Evaluation weighting
 Technical competence 50% Cultural fit 20% Price 30%
EXPERIENCE
Essential skills and experience
  • Have 7 years proven track record of Leading the delivery of information security strategy in the industrial cybersecurity space, policy & process development and implementation
  • Have 7 years proven track record of leading the delivery of information security programmes and projects dealing mainly with industrial control systems
  • Clear evidence of a track record of successful project engagements covering a minimum of 6 of the topics listed below
  • a) Industrial cyber security strategy & architecture
  • b) Information security governance
  • c) Perimeter security and intrusion prevention & detection
  • d) Asset management
  • e) Defence in depth architecture
  • f) Knowledge of the energy sector
  • g) Industrial control systems controls & regulations (NIS, NERC-CIP, ISA/IEC 6443, NIST 800-53/8, etc.)
  • h) Security strategy & transformation
  • i) Information Security Risk Management best practices
  • j) Network segmentation and Purdue Model
  • k) Data protection
  • l) Industrial Health & Safety requirements
  • m) Identity & Access management
  • n) Change management
  • o) Malware & antivirus management
  • p) Information Security processes & policies
  • q) Incident response
  • r) Cyber threat intelligence
  • s) Vulnerability management
  • t) System security
  • u) Security awareness and training
  • v) Security monitoring
  • w) Third party vendors & access management
  • x) Resilience and business continuity
Nice-to-have skills and experience
  • Demonstrate their knowledge of the energy sector through direct experience with energy stakeholders
  • Demonstrate aknowledge of agile working practices
EXPRESS INTEREST
Closing date for applications: 01/11/2019

RIIO-2 Cyber Security submissions review – Role 1 (CSC)

Closing date for applications: 01/11/2019


Specialist role:

Cyber security consultant

Location:

London

Organisation:

Gas & Electricity Markets Authority (Ofgem)

Maximum day rate:

Please specify required day rate
FULL DETAILS / EXPRESS INTEREST HERE
IT Recruitment Marketplace
The Hive Enterprise Centre, Victoria Avenue
Southend-on-Sea, Essex SS2 6EX
© IT Recruitment Marketplace
To change your subscription email us here