Join us in this role where you’ll be responsible for overseeing and managing the cybersecurity risks associated with Operational Technology (OT) systems within offshore windfarm operation. You will work closely with the Risk Team, key stakeholders, operations, and management to ensure informed decision-making and compliance with relevant regulations and standards such as ISO 27001.

Welcome to Ørsted Windpower Operations department
You’ll be part of Operations Security & Compliance Team, which is part of OT Digital & Security where you, together with your colleagues, will conduct risk assessments & risk workshops. Regularly review and evaluate the cybersecurity risks associated with the OT systems that control wind turbine operations, electrical substations, and other critical infrastructure, ensuring they are aligned with national cybersecurity standards like ISO27001/27019 NIS-CAF, NERC CIP, NIS2 etc.

As a team, we have a culture of learning and improving, we work as a diverse global team with different cultural backgrounds and competencies.

You’ll play an important role in:

• conducting Risk Assessments & Risk Workshops: Regularly review and evaluate the cybersecurity risks associated with the OT systems that control wind turbine operations, offshore substations
• establishing cybersecurity frameworks, policies, and procedures tailored for offshore wind farm environments to address risks related to industrial control systems (ICS) and SCADA systems etc.
• working closely with IT security and operational technology teams to ensure integration between OT and IT security practices, focusing on the overall protection of critical national infrastructure
• Ensuring compliance with national and international cybersecurity regulations and standards and managing the reporting of OT security status to regulatory bodies, Cyber Security Boards and others
• Ensuring that cybersecurity risk management practices comply with regulations, standards (such as ISO 27001, ISO 27005, NIS-CAF, NERC-CIP, NIS2 etc.), and industry best practices for offshore.

To succeed in the role, you:

• have a good understanding of risk management principles, especially in the context of operational technology (OT) and critical infrastructure, with the ability to apply ISO 27005's risk assessment and treatment methods effectively

• can translate cybersecurity risks into business-relevant insights, facilitating risk-informed decision-making at higher management levels, balancing technical needs with business priorities
• have a good technical understanding of OT systems, networking, and cybersecurity protocols relevant to offshore wind operations
• are familiar with SCADA, ICS, and other OT technologies
• have excellent communication skills for engaging with both technical teams and business leaders. You can convey complex risk scenarios in simple, actionable terms to non-technical stakeholders.

Maybe you’ve read the above and can see you have some transferable skills, even though they don’t quite match all the points. If you think you can bring something to the team, we still encourage you to apply.

Shape the future with us
Send your application to us as soon as possible. We’ll be conducting interviews on a continuous basis and reserve the right to take down the advert when we’ve found the right candidate.

As an applicant or employee, you may request reasonable work and position accommodation or adjustments via accommodation@orsted.com.