Cyber Security Professional in Worthing, West Sussex

Our client are seeking a Cyber Security Professional to join their team based in West Durrington.

As a Cyber Security Professional, you will join us on our exciting journey of IT and security transformation. You will become a senior member of an existing team supporting the cyber and OT security program. In the role you will find a good mix of IT and OT as you manage the cyber risk and support the safety and security of us and our customers

You will be responsible for all aspects of IT and OT security. As a Cybersecurity Professional, you will play a crucial role in protecting our critical infrastructure from cyber threats, ensuring the continuity, reliability, and security of our services. Your expertise in identifying and mitigating potential cyber risks, implementing robust security measures, and responding to security incidents will be vital in safeguarding our operations and customer data.

This is a very technical role and will require a demonstrable foundation in IT/OT and cyber-related fields.

Responsibilities include:

Risk Assessment and Vulnerability Management:

• Conduct regular security assessments, risk analyses, and vulnerability assessments on systems, networks, and applications to identify potential weaknesses.
• Collaborate with IT and OT engineering teams to implement appropriate security measures and remediation plans to address identified vulnerabilities.
• Monitoring and reporting on cyber exposure and performance of technology, people and process.

Security Operations:

• Monitor and analyse security events, incidents, and alerts from various systems and sources to detect potential threats and intrusions.
• Investigate and respond to security incidents promptly, identifying the root cause and implementing remediation actions to prevent future occurrences.
• Utilize advanced cybersecurity tools and technologies to enhance incident detection, analysis, and response capabilities.
• Monitoring and reporting on MSSP SOC performance and related internal performance of technology, people and process

Incident Response and Recovery:

• Lead incident response efforts during cybersecurity breaches, coordinating with internal and external stakeholders to contain and recover from security incidents.
• Develop and maintain incident response plans, including simulation exercises and training for the incident response team.

Infrastructure Security:

• Develop and implement security policies, standards, and procedures aligned with industry best practices and regulatory requirements for the Utilities sector.
• Monitor and advise on the secure management of access controls, firewalls, intrusion detection/prevention systems, and other security infrastructure components.
• Stay current with the latest IT/OT security technologies, trends, and threats in the Utilities sector to proactively enhance security posture.

Compliance and Governance:

• Ensure compliance with relevant cybersecurity regulations, industry standards, and company policies.
• Assist in the preparation of audit materials and facilitate cybersecurity assessments by regulatory bodies and third-party auditors.

Awareness and Training:

• Work closely with L&D and Comms teams to conduct cybersecurity awareness programs and training sessions for employees to promote a security-conscious culture across the organization.
• Keep staff informed about potential cyber threats and best practices for protecting sensitive data and infrastructure.
• Monitoring and reporting on mandatory annual and microlearning modules, phishing exercise performance and related internal performance of technology, people and process.

Qualifications and requirements:

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CISM, CEH) are a plus.
• Proven experience working in cybersecurity roles within the Utilities sector or related critical infrastructure environments (IT/OT).
• Deep understanding of cyber threats, attack vectors, and security best practices specific to Utilities organizations.
• Proficiency in using security tools and technologies, such as SIEM, IDS/IPS, endpoint protection, and network security tools.
• Strong knowledge of cybersecurity frameworks, directives/standards, and compliance requirements applicable to the Utilities sector (e.g., NIS OES/CAF, NIST, ISO/IEC 27001).

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.