Cyber Security Programme Manager

Sword ITS
Closing date
13 Aug 2021

View more

Technology & New Media
Contract Type

Job Details

Sword are a trusted partner to a significant number of Oil & Gas sector clients in the UK. Our Aberdeen based Energy Services team employs talented individuals who deliver Information Technology and Data Management solutions, leveraging the latest developments in systems and technology, whilst delivering a consistently first-class service to our customers.

As the pre-eminent provider of Information Technology services to the Energy Sector in Aberdeen, we have an opportunity for an experienced Programme Manager.

Key Competencies
  • Cybersecurity experience, particularly in securing critical infrastructure/ ICS, OT (to include PCS, SCADA systems, PLCs, RTUs, etc.)
  • Ability to apply skills across a broad range of cybersecurity domains (i.e. Network, Endpoint, Application, Encryption, Firewalls, User Access, Remote Access)
  • Familiarity with ICS-related communications protocols (e.g., Ethernet, MODBUS, DNP3, S7, etc.)
  • Familiarity with engineering security solutions for real-time and/or performance-sensitive systems
  • Experience in gap analysis or maturity analysis and security risk assessment, specifically in the IACS domain
  • Experience completing cybersecurity assessments based on frameworks such as NIST 800- 53/800-82, IEC 62433, NEI 08-09, ISA, etc.
  • Experience with using common information security management frameworks, such as GDPR, ISO 27000 Series, the IT Infrastructure Library (ITIL), the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT)
  • Experience of working with UK Frameworks such as OG-86 and NIS D
  • Experienced in vulnerability scanning or analysis of ICS/OT systems and networks
  • Working knowledge of system security design process, defence-in-depth/breadth, engineering lifecycle, information domains, cross-domain solutions, identification, authentication, and authorization, system integration, risk management, intrusion detection
  • Hybrid IT/Infosec and OT/Cybersec skillset and experience coming from either from an ICS and automation/Electrical Engineering background or an IT and Security Infrastructure engineering background
  • Proficiency in defining and measuring security KPIs and developing security roadmaps
  • Demonstrate proficiency in programme strategy and execution within the business and security domains
  • Ability to anticipate and mitigate risk by conducting assessments across the programme to determine if the implementation plans meet stakeholder requirements and will achieve strategic objectives
  • Strong oil & gas sector experience with good domain and business process knowledge
  • Strong Programme and Project Management experience, with strong skills across the knowledge areas of integration management, scope management, time management, cost management, quality management, people management, communications management, stakeholder management, risk management and procurement management
  • Good understanding of commercial / procurement processes involved in projects and programmes
  • Strong experience of managing third-party vendors, and remote workers, to deliver work-scopes to time and budget
  • Strong people management skills, with the ability to "bring people along" with them
  • Strong skills and experience in managing business change, with evidence of that in past project delivery
  • Ensures all change is appropriately and successfully managed, following all required EnQuest processes relating to business change, engineering change (MoEC) and OT / IT change
  • Resilient, self-motivated, self-sufficient, well organised and 'flexible' character, who can work with minimal supervision and direction, and who is unfazed by the challenges and difficulties which inevitably arise in a complex project or programme
  • Works with all relevant business stakeholders to ensure that business input and buy-in is obtained, to ensure that all work is correctly scoped and business impacts and timelines are understood and agreed
  • Takes ownership of all aspects of a programme / project and understands that they are responsible for successful delivery, finding solutions for problems and threats to delivery
  • Strong issue resolution abilities - someone who takes ownership of issues and who can manage and co-ordinate resources to ensure they are worked through to resolution
  • Ideally, holds a degree and a certification / qualification in project management, e.g. PRINCE2 or PMP; alternatively, proven experience and a strong track record of successful project delivery
  • Holds a security certification (e.g. GICSP, CISM, CISSP, CCSP)
  • The role will involve directly managing project resources in the completion of project work- packages, signing off project work-packages completed by project resources and managing project supplier performance.

This permanent staff role can be performed remotely from within the UK to support a positive work - life balance, with occasional client site visits as required, in line with current health and safety guidelines.

All members of the Sword team are supported and encouraged to develop their career with Sword through our personal training and development plan alongside a competitive salary, pension, and healthcare package.

For a confidential discussion regards this opportunity please apply on-line in the first instance.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert