EXPERIENCE
Essential skills and experience
- Three years’ proven track record of delivery of complex information security control reviews ideally in the industrial cyber security space
- Have 3 years proven track record of cyber security assessments, report writing, programme management, project & budget reviews
- Clear evidence of a track record of successful project engagements covering a minimum of 6 of the topics listed below:
- (a) Industrial cyber security strategy & architecture
- (b) Project Planning
- (c) Security assessments
- (d) Budgeting & timelines management
- (e) Asset management
- (f) Programme management responsibilities including tracking timelines, milestones & budgets
- (g) Industrial control systems controls & regulations (NIS, NERC-CIP, ISA/IEC 6443, NIST 800-53/8, etc.)
- (h) Data protection
- (i) Application security
- (j) Industrial Health & Safety requirements
- (k) Identity & Access management
- (l) Change management
- (m) Malware & antivirus management
- (n) Information Security processes & policies
- (o) Incident response
- (p) Vulnerability management
- (q) System security
- (r) Security awareness and training
- (s) Security monitoring
- (t) Third party vendors & access management
- (u) Portable media
- v) Resilience and business continuity
Nice-to-have skills and experience
- Demonstrate their knowledge of the energy sector through direct experience with energy stakeholders
- Demonstrate a knowledge of agile working practices