Cyber Security Advisor

Job Description

A leading infrastructure business providing essential utilities to Sussex and Kent are seeking a Cyber Security Advisor to join their team in Sussex.As a Cyber Security Professional, you will join the business on an exciting journey of IT and security transformation. The Cyber Security Advisor will become a senior member of an existing team supporting the cyber and OT security program. In the role youwill find a good mix of IT and OT as you manage the cyber risk and support the safety and security of us and our customersYou will be responsible for all aspects of IT and OT security. As a Cybersecurity Professional, you will play a crucial role in protecting critical infrastructure from cyber threats, ensuring the continuity, reliability, and security of our services. Yourexpertise in identifying and mitigating potential cyber risks, implementing robust security measures, and responding to security incidents will be vital in safeguarding our operations and customer data.This is a hybrid working role.Responsibilities include:Risk Assessment and Vulnerability Management:• Conduct regular security assessments, risk analyses, and vulnerability assessments on systems, networks, and applications to identify potential weaknesses.• Collaborate with IT and OT engineering teams to implement appropriate security measures and remediation plans to address identified vulnerabilities.• Monitoring and reporting on cyber exposure and performance of technology, people and process.Security Operations:• Monitor and analyse security events, incidents, and alerts from various systems and sources to detect potential threats and intrusions.• Investigate and respond to security incidents promptly, identifying the root cause and implementing remediation actions to prevent future occurrences.• Utilize advanced cybersecurity tools and technologies to enhance incident detection, analysis, and response capabilities.• Monitoring and reporting on MSSP SOC performance and related internal performance of technology, people and processIncident Response and Recovery:• Lead incident response efforts during cybersecurity breaches, coordinating with internal and external stakeholders to contain and recover from security incidents.• Develop and maintain incident response plans, including simulation exercises and training for the incident response team.Infrastructure Security:• Develop and implement security policies, standards, and procedures aligned with industry best practices and regulatory requirements for the Utilities sector.• Monitor and advise on the secure management of access controls, firewalls, intrusion detection/prevention systems, and other security infrastructure components.• Stay current with the latest IT/OT security technologies, trends, and threats in the Utilities sector to proactively enhance security posture.Compliance and Governance:• Ensure compliance with relevant cybersecurity regulations, industry standards, and company policies.• Assist in the preparation of audit materials and facilitate cybersecurity assessments by regulatory bodies and third–party auditors.Awareness and Training:• Work closely with L&D and Comms teams to conduct cybersecurity awareness programs and training sessions for employees to promote a security–conscious culture across the organization.• Keep staff informed about potential cyber threats and best practices for protecting sensitive data and infrastructure.• Monitoring and reporting on mandatory annual and microlearning modules, phishing exercise performance and related internal performance of technology, people and process.Qualifications and requirements:• Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CISM, CEH) are a plus.• Proven experience working in cybersecurity roles within the Utilities sector or related critical infrastructure environments (IT/OT).• Deep understanding of cyber threats, attack vectors, and security best practices specific to Utilities organizations.• Proficiency in using security tools and technologies, such as SIEM, IDS/IPS, endpoint protection, and network security tools.• Strong knowledge of cybersecurity frameworks, directives/standards, and compliance requirements applicable to the Utilities sector (e.g., NIS OES/CAF, NIST, ISO/IEC 27001).Intersect Global are an equal opportunities employer, we embrace diversity in the work place.