We are seeking a highly skilled Cybersecurity Subject Matter Expert to join our team. The ideal candidate will have a deep and up-to-date knowledge of key cybersecurity standards and frameworks, with a focus on Operational Technology (OT) and industrial control systems (ICS). This role is crucial for managing contractual risks, negotiating with customers, and ensuring our products and services comply with evolving global cybersecurity legislation. You will be a key liaison, translating customer requirements into actionable plans for our product and engineering teams.
Key Responsibilities
- Standards & Frameworks: Maintain up-to-date knowledge of and apply key cybersecurity standards and frameworks, including ISA/IEC 62443, ISO 27000 Series, NIST CSF, and relevant EU directives and country-specific legislation.
- Risk & Contract Management: Identify and mitigate contractual risks. Review cybersecurity contract language and negotiate with customers to close technical deals.
- Cross-Functional Collaboration: Collaborate with various business units and the internal cyber community to ensure cybersecurity commitments are realistic and deliverable.
- Gap Analysis & Requirements: Translate cybersecurity gaps from customer contracts into clear, structured requirements for product teams. Follow up on mitigation plans and implementation feasibility.
- Legislation & Compliance: Monitor evolving global cybersecurity legislation relevant to OT and ICS. Analyze the impact of these requirements on our offerings and initiate cross-functional alignment where necessary.
- Training & Communication: Prepare and deliver training material related to cybersecurity standards and practices.
Qualifications
- A Master's or Bachelor's degree in Cybersecurity, Computer Science, or a similar engineering specialization.
- Extensive knowledge of cybersecurity standards (e.g., IEC 62443, NIST, ISO 27001) and frameworks for IT & OT systems.
- Experience working in a global, cross-functional, and matrix organization.
- Familiarity with the energy or renewables industry is preferred.
- Industry certifications such as IEC 62443, GICSP, CISSP, or CISM are highly desirable.
Competencies
- Technical Expertise: Knowledge of OT systems development, design, architecture, and deployment, particularly in the electric utility industry.
- Risk Management: Experience in sales contract reviews, revisions, and customer negotiations.
- Project Leadership: A background in leading technical and organizational cybersecurity implementation projects.
- Communication: Effective communication, negotiation, and presentation skills in English, with the ability to manage product stakeholders.
