Cyber Security Architect
Description
Do you want to work to make Power for Good?
We're the world's largest independent renewable energy company. We're guided by a simple yet powerful vision: to create a future where everyone has access to affordable, zero carbon energy.
We know that achieving our ambitions would be impossible without our people. Because we're tackling some of the world's toughest problems, we need the very best people to help us. They're our most important asset so that's why we continually invest in them.
RES is a family with a diverse workforce, and we are dedicated to the personal professional growth of our people, no matter what stage of their career they're at. We can promise you rewarding work which makes a real impact, the chance to learn from inspiring colleagues from across a growing, global network and opportunities to grow personally and professionally.
Our competitive package offers a wide range of benefits and rewards.
The position
The Global Cyber Architect will support the Director of Cyber Security in ensuring that the company’s Information Technology and Operational Technology (IT & OT) systems are optimally designed and configured as well as adequately protected from cyber threats so to ensure continuous and effective business operations. This role will work with Cyber Service Providers, internal support teams and key stakeholders to implement and operate cyber security systems and processes on behalf of the Director of Cyber Security and the Group CIO.
Ultimately, this role will support RES to continually adapt and enhanced its cyber security. Through the embedding of cyber security into business practices and technology, this role will support RES in becoming recognised as a market leader in the delivery of cyber security services within renewables.
The post-holder will be required to travel periodically to RES sites to establish and maintain excellent customer relations.
Key accountabilities:
- Lead the production of cyber architecture roadmaps, standards and patterns to the support the successful delivery of IT and OT solutions and business objectives
- Act as the lead design authority for cyber security architecture matters through the production and review of solution proposals
- Working closely with the Global Lead Architect to ensure all material cyber related technology change is assessed and endorsed by the Technical Design Authority (TDA)
- Oversee the delivery of activities within a continuous programme of cyber technology improvements focused on enhancing the resilience, standardisation and reliability of the RES technology environments
- Lead the technical design and implementation of a ‘cyber security management system’ to underpin getting and maintaining a global cyber accreditation
- Ensure cost optimization practices are applied to ‘AS-IS’ and ‘TO-BE’ OT cyber architecture solutions to maximize the benefits returned from IT and OT technology in line with business objectives
- Undertake cyber related technical due diligence for business proposals offered to clients
- Assist in the gathering, analyzing of threat intelligence and learning from security partners, industry peers and government agencies to understand potential and relevant impacts to RES
- Support incident response and recovery activities in relation to IT and OT systems in close liaison with the Cyber Security colleagues
- Oversee security penetration testing of IT and OT systems to ensure the effective management and remediation of any resulting improvement actions
- Assisting in the designing of cyber incident simulation scenarios to ensure response and recovery capabilities are routinely tested and adapted as required
- Lead on the technical design of Cyber ‘Health Check’ services to be provided to clients
- Shape and gain buy in to the cyber strategy and supporting standards, roadmaps and patterns across the OT and IT teams and business stakeholders
Line Management
Direct supervision of 3rd parties’ suppliers in the delivery and execution of cyber services
Knowledge
- Extensive knowledge of cyber security in relation to IT & OT systems and infrastructure
- Extensive knowledge of good practice enterprise level of design, implementation and operation of IT & OT environments and
- Knowledge of technology governance processes covering financial management, project management, compliance and IT risk management.
- Excellent Knowledge and experience of Cyber Architecture (spanning Enterprise, Information, Technical, Application, People & Process)
- Solid understanding of managing and partnering with 3rd party cyber security suppliers.
- Deep understanding of Cyber security principles, frameworks and standards e.g. ISO27001, NERC-CIP and NIST-CSF
Skills
- A ‘business outcome’ approach and style to delivering technology change
- Strong Business Acumen and collaborative in approach
- Proven ability to engage, build strong relationships, influence and partner with stakeholders across functions and geographies.
- Credible and capable; able to quickly build the confidence in senior managers and peers
- Passionate about technology and how it can improve the customer experience.
- Excellent negotiation and resolution skills - A capable negotiator, both internally and with third parties.
- An ability to shape direction and translate strategy into action.
- An individual of integrity who will respect and demonstrate RES values. Sensitive and intuitive, whilst displaying gravitas and credibility
Experience
- Extensive experience and track record working in Cyber Security and Architecture
- A highly capable, all round technologist, preferably in the B2B sector, with experience of change and transformation.
- Experienced gained in the Construction, Utilities or a project based business
- Accustomed to dealing with senior managers and exceptionally customer focused.
- Demonstrated deep knowledge of technical/Infrastructure architectures and standards
- Experience of architecting and auditing leading cyber security technologies such as firewalls, vulnerability scanners and authentication services
- Experience of using architecture modeling tools and practices
- Delivery of cyber security solution to remediation business risk and external threats
Desirable
- Accreditation or certification relating architecting, deploying and securing enterprise cloud platforms including Azure, AWS and Google
- Accreditation to ITIL foundations
- COBIT or equivalent, CISSP or equivalent
At RES we celebrate difference as we know it makes our company a great place to work. Encouraging applicants with different backgrounds, ideas and points of view, we create teams who work together to solve complex problems and design practical solutions for our clients. Our multiple perspectives come from many sources including the diverse ethnicity, culture, gender, nationality, age, sex, sexual orientation, gender identity and expression, disability, marital status, parental status, education, social background and life experience of our people.
#LI-ZI1