OT Cyber Security Lead

Company Description

Assystem is an international company with one mission: accelerate the energy transition around the world.

Every day, our 6,500 switchers located in 12 countries (Europe, Middle East, Pacific Asia & Africa) connect their six thousand billion neurons to tackle the task of the century: switching to low-carbon energy.

We are a collective committed to the actors who are making the energy switch. Sharing our knowledge, expertise and values allows us to innovate and think differently about the energy transition.

Drawing on more than 55 years' experience in highly regulated sectors subject to strict security and safety requirements, we provide our customers with engineering and project management services, as well as digital services and solutions to optimize the performance of complex infrastructure projects throughout their life cycle. The Group is currently ranked second in the world for nuclear engineering.

To ensure a viable, efficient, and reliable energy future for all.

Job Description

• Support and deliver the OT Commissioning Security Plan to outline the site security arrangements for I&C systems delivered to site in alignment with the I&C Site Security Arrangements Guidance. This includes but is not limited to specifying rules of access to the rooms with I&C cabinets, rules for the cabinets access, removable media policies and procedures, portable computing devices policies and procedures, asset inventory and management processes and solutions, ongoing security assurance of I&C systems, etc.
• Provide additional SME advice to cover the practical rules of cybersecurity if not covered in the OT commissioning Security Plan for example provide guidance for malware checks of OT devices, storage of devices, management of passwords and similar.
• Provide cyber security support for the management of the temporary modifications on site with the support of one commissioning engineer
• Provide cyber security input to the management of the design changes with the support of a commissioning engineer
• Provide cyber security input to the management of the I&C configuration with the support of a commissioning engineer
• Develop and deliver procedures to define rules for periodic security check on a regular basis of safety I&C cabinets (centralised or dedicated) during installation and commissioning phase
• Perform risk assessments for I&C systems utilising our HPC security risk methodology and provide recommendations on cyber controls to mitigate risks. Ongoing management of I&C cyber security risks.
• Confirming adequacy of site security arrangements by the Suppliers (when different from generic HPC ones) for example for storage on-site, cabinet access, installation processes, etc
• Assuring the security state of the I&C systems as they are delivered to site
• Support ongoing assurance of the Supplier’s arrangements for IT and OT at HPC during construction, installation and commissioning.
• Support TCO security teams in the production of I&C cyber security cases by providing information about site I&C site security arrangements and I&C site assurance activities.

Qualifications

Essential: 

• Previous experience in a Cyber Security role preferably within the Nuclear/Engineering industry
• Good communication skills 
• Ability to work within complex large organisations 

Desirable: 

• Experience in CCTV 
• Previous experience as an engineer within the nuclear industry 

Additional Information

We are committed to equal treatment of candidates and promote, as well as foster all forms of diversity within our company. We believe that bringing together people with different backgrounds and perspectives is essential for creating innovative and impactful solutions. Skills, talent, and our people’s ability to dare are the only things that matter !. Bring your unique contributions and help us shape the future.