Cyber Security Fleet Manager
-
Job added: 6 April 2019
-
Location: Gloucestershire
-
County: Gloucestershire
-
Job Type: Contract
-
Reference: 209814424
-
Company: CV-Library
Nuclear Engineer/Cyber security
Contract
Gloucestershire
Overview
My client a leading energy provider is looking to engage a Cyber Security Fleet Manager to join them at their location in Barnwood on a contract running until the end of the year.
You will need to have a strong background in Nuclear Engineering in order to apply for this role.
As Cyber Security Fleet Manager you will;
* Providing fleet wide governance, oversight and support to ensure the effective development of cyber
* security mitigations and outcomes required to protect the Business (for both IT systems and
* plant/operating technologies OT) from cyber risks and digital hazards.
* Providing advice and support to the Head of Nuclear Security and the Generation Managing Director as
* the Nuclear Generation Senior Information Risk Owner (SIRO) to ensure confidence that controls and
* measures to mitigate the cyber risk are effective and within the risk appetite of the Business.
Principal Accountabilities
* Manage the production of company policy and procedures and the implementation of this and external policy, standards and best practice across the fleet to protect the company’s plant (OT) and IT systems from cyber risks.
* Manage the production of cybersecurity risk assessments and audits on projects, equipment and
processes with a systematic approach; reviewing the assessments to ensure thoroughness,
standardisation and quality.
* Provide support and advice to the wider business on the implementation and application of cyber security controls and measures to protect plant and information systems.
* Working externally with the UK’s National Cyber Security Centre, EDF Energy Enterprise IT and internally with Central Technical Organisation (Engineering) and Generation Information Systems to provide advice to the business on current threats and vulnerabilities and the measures necessary to mitigate their impact.
* Provide support to cyber incident management and recovery, representing the Nuclear Security
Information Security team and Chief Information Security Officer. Consistent with the GOSP fleet management model, develop and implement plans and strategies to
improve the application of cyber security controls across the nuclear fleet addressing performance gaps and provide regular reporting of progress in delivering the strategy.
* Work closely with sites to understand their business and operational drivers and to determine how best to support them to protect their assets from cyber incidents.
* Develop effective working relationships with the Office for Nuclear Regulation, particularly in building
confidence and trust in the effectiveness of the Nuclear Generation’s cyber risk mitigations.
* Deputise for the Information Security Manager (CISO) when required, effectively acting as the designated
Knowledge & Skills
Essential
* SC Vetting
* Good working knowledge of applicable national and international standards and information security frameworks (ISO2700X, HMG Security Policy framework, HMG Information Security Standards).
* Exemplary stakeholder management skills – proven ability to influence and inform.
* Good understanding and practical experience of complex cybersecurity threats and risks.
* Strong computer literacy.
Desirable
* Good knowledge and experience of relevant regulations and policy including, Nuclear Industries Security Regulations (NISR 2003).
* Working knowledge of current risk methodologies e.g. IRAM2.
* Ability to work on their own initiative, with minimal supervision and meet demanding milestones as part of a small security team.
Qualifications & Experience
Essential
* Educated to degree level.
* A recognised Information Security certificate is desirable e.g. Certified Information System Security
* Professional (CISSP), Certified Information Security Manager (CISM) or similar.
* Experience in providing security guidance and undertaking assurance reviews of IT systems and procedures in a regulated environment.
* Proven people and team leadership skills.
* Full driving licence.
Desirable
* Previous cyber security experience, especially in the nuclear sector and/or in government.
* Command and Control / Emergency decision-making experience.
Nuclear Operations specific
Technical Competencies
* Possesses and demonstrates knowledge of statutory legislation relevant to Nuclear Power Plant operations, site licence requirements, company emergency arrangements and Health & Safety Legislation.
* Possesses and demonstrates high-level knowledge of Nuclear Industries Security Regulations (NISR 2003) and security regulations and requirements.
* Possess and demonstrate knowledge of ISO27000, HMG Security Policy Framework, HMG Information Security Standards, and current risk methodologies.
Please apply via the website I look forward to receiving your application.
Capita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age or sexual orientation.
Capita Resourcing is a trading name of Capita Resourcing Ltd. Services offered are those of an Employment Agency and Employment Business. Applicants will be required to register with us
Contract
Gloucestershire
Overview
My client a leading energy provider is looking to engage a Cyber Security Fleet Manager to join them at their location in Barnwood on a contract running until the end of the year.
You will need to have a strong background in Nuclear Engineering in order to apply for this role.
As Cyber Security Fleet Manager you will;
* Providing fleet wide governance, oversight and support to ensure the effective development of cyber
* security mitigations and outcomes required to protect the Business (for both IT systems and
* plant/operating technologies OT) from cyber risks and digital hazards.
* Providing advice and support to the Head of Nuclear Security and the Generation Managing Director as
* the Nuclear Generation Senior Information Risk Owner (SIRO) to ensure confidence that controls and
* measures to mitigate the cyber risk are effective and within the risk appetite of the Business.
Principal Accountabilities
* Manage the production of company policy and procedures and the implementation of this and external policy, standards and best practice across the fleet to protect the company’s plant (OT) and IT systems from cyber risks.
* Manage the production of cybersecurity risk assessments and audits on projects, equipment and
processes with a systematic approach; reviewing the assessments to ensure thoroughness,
standardisation and quality.
* Provide support and advice to the wider business on the implementation and application of cyber security controls and measures to protect plant and information systems.
* Working externally with the UK’s National Cyber Security Centre, EDF Energy Enterprise IT and internally with Central Technical Organisation (Engineering) and Generation Information Systems to provide advice to the business on current threats and vulnerabilities and the measures necessary to mitigate their impact.
* Provide support to cyber incident management and recovery, representing the Nuclear Security
Information Security team and Chief Information Security Officer. Consistent with the GOSP fleet management model, develop and implement plans and strategies to
improve the application of cyber security controls across the nuclear fleet addressing performance gaps and provide regular reporting of progress in delivering the strategy.
* Work closely with sites to understand their business and operational drivers and to determine how best to support them to protect their assets from cyber incidents.
* Develop effective working relationships with the Office for Nuclear Regulation, particularly in building
confidence and trust in the effectiveness of the Nuclear Generation’s cyber risk mitigations.
* Deputise for the Information Security Manager (CISO) when required, effectively acting as the designated
Knowledge & Skills
Essential
* SC Vetting
* Good working knowledge of applicable national and international standards and information security frameworks (ISO2700X, HMG Security Policy framework, HMG Information Security Standards).
* Exemplary stakeholder management skills – proven ability to influence and inform.
* Good understanding and practical experience of complex cybersecurity threats and risks.
* Strong computer literacy.
Desirable
* Good knowledge and experience of relevant regulations and policy including, Nuclear Industries Security Regulations (NISR 2003).
* Working knowledge of current risk methodologies e.g. IRAM2.
* Ability to work on their own initiative, with minimal supervision and meet demanding milestones as part of a small security team.
Qualifications & Experience
Essential
* Educated to degree level.
* A recognised Information Security certificate is desirable e.g. Certified Information System Security
* Professional (CISSP), Certified Information Security Manager (CISM) or similar.
* Experience in providing security guidance and undertaking assurance reviews of IT systems and procedures in a regulated environment.
* Proven people and team leadership skills.
* Full driving licence.
Desirable
* Previous cyber security experience, especially in the nuclear sector and/or in government.
* Command and Control / Emergency decision-making experience.
Nuclear Operations specific
Technical Competencies
* Possesses and demonstrates knowledge of statutory legislation relevant to Nuclear Power Plant operations, site licence requirements, company emergency arrangements and Health & Safety Legislation.
* Possesses and demonstrates high-level knowledge of Nuclear Industries Security Regulations (NISR 2003) and security regulations and requirements.
* Possess and demonstrate knowledge of ISO27000, HMG Security Policy Framework, HMG Information Security Standards, and current risk methodologies.
Please apply via the website I look forward to receiving your application.
Capita Resourcing welcome applications from all suitably qualified people regardless of gender, race, disability, age or sexual orientation.
Capita Resourcing is a trading name of Capita Resourcing Ltd. Services offered are those of an Employment Agency and Employment Business. Applicants will be required to register with us
You can apply this job via clicking the button below.
Apply online
