Key Responsibilities
1. Audits & Assurance
- Plan, coordinate and support OT security audits, assessments and self‑assessments across sites and regions.
- Act as the primary interface for internal audit, external auditors, regulators and assessors on OT security matters.
- Ensure audit findings are risk‑assessed, prioritised, tracked and remediated in collaboration with stakeholders.
- Maintain evidence, documentation and artifacts required to demonstrate compliance.
- Support alignment and assurance activities with applicable OT cybersecurity standards and regulations.
2. Risk Management
- Lead and maintain OT cyber risk assessments, considering security, safety, environmental, asset and regulatory impacts, aligned to IEC 62443.
- Ensure OT risks are documented, owned and aligned with risk management frameworks.
- Define and maintain risk registers, including threat, vulnerability and consequence‑based risks.
- Support risk treatment planning and track risk acceptance, mitigation and residual risk decisions.
- Translate technical OT risks into clear, business‑relevant risk statements for leadership and governance committees.
3. Supply Chain & Third‑Party Risk Management
- Own and maintain OT security requirements for suppliers, consultants and vendors.
- Assess and manage third‑party cyber risks associated with OT systems, software, hardware and remote access.
- Support secure onboarding and ongoing assurance of critical OT suppliers and service providers.
- Ensure contractual and procurement processes include appropriate OT security, access and resilience requirements.
- Monitor and respond to supply‑chain‑related vulnerabilities, advisories and incidents.
4. External Compliance Training & Awareness
- Own and coordinate OT security strategy for training and awareness for internal teams, contractors and relevant third parties.
- Ensure training content reflects real OT risks, regulatory expectations and operational realities.
- Support compliance‑driven training obligations required by regulators, customers or contractual commitments.
- Promote a risk‑aware and safety‑conscious security culture across engineering and operations.
- Track and report on training and awareness completion and effectiveness where required.
5. Incident Response (IR)
- Support and govern OT‑specific incident response planning and readiness.
- Ensure OT incident response procedures are aligned with safety, operational and regulatory requirements.
- Coordinate OT involvement during incidents, including forensics, reporting and post‑incident reviews.
- Ensure lessons learned are captured and translated into improvements to controls and processes.
6. Business Continuity & Disaster Recovery (BCP/DR)
- Support the development and governance of OT business continuity and disaster recovery plans.
- Ensure BCP/DRP reflects realistic OT recovery scenarios, dependencies and constraints.
- Align OT recovery objectives with safety, production and regulatory expectations.
- Participate in and support BCP/DRP testing, exercises and reviews.
- Ensure cyber‑related disruptions are considered within operational resilience planning.
7. Crossover Responsibilities
- Act as a central point of coordination between security, engineering, operations, legal, HSEQ and compliance.
- Maintain OT security policies, standards and procedures within the GRC domain.
- Support executive and board reporting on OT security risk, compliance status and resilience.
- Drive continuous improvement of the OT security governance framework (CSMS).
Knowledge, Skills and Abilities
- 5‑7 years of strong knowledge of OT cybersecurity governance, risk and compliance.
- Strong expertise in the IEC 62443 series.
- Understanding of cyber/physical risk, safety, environmental, assets and regulatory impacts.
- Experience with industrial environments, OT lifecycles and operational constraints.
- Skilled in conducting/coordinating OT security audits, assessments, compliance activities and maintaining risk registers.
- Able to support IR, BCP and DRP planning and exercising.
- Experience delivering and coordinating OT training and awareness strategies.
- Expert in preparing clear documentation, evidence and executive‑level reporting.
- Ability to communicate complex risk clearly to technical and non‑technical audiences.
- Ability to work across integral and regulated environments.
- Cross‑team collaboration, attention to detail, documentation discipline, risk communication and a continuous improvement mindset.