Description
At AXEN IT Consulting we are growing exponentially, with clients that have great growth projections. We have more than 25 years of experience in the information technology services market. Focused on our growth while offering improvement plans to our talent, we are currently looking to fill the "OT Risk & Compliance" role, with the following profile:
Resource Description
Define OT Cybersecurity steering committee and advisory board.
Policy management, security awareness for OT
Ensure Cybersecurity compliance in OT environments with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
**Requirements**:
- BS or MA in computer science, information security, cybersecurity or a related field
- 3+ years of experience in an IT audit or enterprise risk management (ERM) role
- 3+ years of experience with regulatory compliance and information security management frameworks (e.g., ISO 27000, COBIT, NIST 800, etc.)
**Desired, but not required**:
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
- Knowledge of NIST 800 OT cybersecurity controls
Knowledge and Skills
- An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- An ability to effectively influence others to modify their opinions, plans or behaviors
- Excellent prioritization capabilities, with an aptitude for breaking down work into manageable parts, and effectively assessing the priority and time required to complete each part
- An ability to identify and assess the severity and potential impact of risks and communicate risk assessment findings to risk owners outside cybersecurity in a way that consistently drives objective, fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance
- Strong problem-solving and trouble-shooting skills
**Responsibilities**:
- Define OT Cybersecurity policies.
- Develop a metrics framework that effectively measures Cybersecurity risks for OT.
- Performs OT risk assessments of existing or new services and technologies, along with business counterparts.
- Define OT Security Standards (NIST, IEC, etc.) and coordinate implementation and certifications with OT Regional and Local Teams.
- Identifies opportunities to improve risk posture, developing solutions for remediating or mitigating risks and assessing the residual risk.
- Communicates risk assessment findings to risk owners, custodians and governance teams.
- Follow all OT Cybersecurity risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with frameworks, policies and standards set by the organization.
- Assists in performing and responding to audits, penetration tests and vulnerability assessments.
- Develops, reviews, implements and maintains a targeted Cybersecurity awareness program to mitigate human risks in OT environments.
- Coordinate with the IT Cybersecurity Governance, Risk & Compliance team.
3 years