Job Details

Description:

Join us in this role where you'll be working on our American projects, overseeing their construction and adherence to the requirements imposed by the OT Security legislation. A large part of this concerns compliance with NECR-CIP, combined with our internal requirement for building assets based on IEC 62443. The combination of the two standards will ensure a high level of cybersecurity for the assets.

Welcome to OT Systems Engineering

You'll be part of the OT Security Engineering team where you, together with your colleagues, will enforce compliance with the cybersecurity regulations in the country in which we're constructing our assets, as well as our own internal requirements.

You'll play an important role in:

1. Ensuring compliance with the local requirements
2. Working across a range of packages to help ensure their compliance
3. Being responsible for the delivery of our internal IT services
4. Performing technical documentation review and OT Security Factory and Site Acceptance Tests.

The Consultant must bring his/her own PC and/or iPhone. External consultants' equipment such as PCs, mobile phones, and iPads must always be up-to-date with the latest iOS release. The owner must allow Ørsted's AirWatch security and management software for iPhones and iPads to be installed. The app is mandatory on all mobile devices used by Ørsted staff (including External consultants) to protect them from cybercrime. The owner must grant approval for Ørsted to remove apps, data, and access from privately owned equipment if it is deemed to pose a risk in relation to Ørsted's security or the GDPR regulations, if the equipment is lost/stolen, or if the owner ceases to have an active contract with Magnit and/or Ørsted. When an external consultant leaves Ørsted, they must contact the IT Service Desk to remove all Ørsted apps and data. The IT Service Desk can only support privately owned equipment in connection with Ørsted's AirWatch security and management software.

Requirements:

To succeed in the role, you:

1. Have practical experience with NERC-CIP, IEC 62443, and possibly ISO 27k series of standards
2. Have experience with security testing in LV and SCADA/OT Control systems and Communication/IT systems
3. Have experience with network concepts and technologies in particular segmentation
4. Are good at collaborating with a range of stakeholders
5. Have project management experience

Please assess this role if it shall be exempt or non-exempt according to FLSA. State the result of the assessment in the notes section in each candidate submission.