Security Officer

Description:

The OT Security Officer will play a pivotal role in safeguarding OPEA and Offshore’s operational technology (OT) environment across renewable energy assets (onshore/offshore wind and photovoltaic sites). This role combines strong governance responsibilities with hands-on security activities to ensure that OT Security controls are effectively implemented and enforced at operational sites in a pragmatic manner.

The Officer will serve as the NIS Responsible Officer (NRO) contact for the UK regulatory authority (Ofgem) regarding compliance with the UK NIS Regulations and will oversee alignment with ISO/IEC 27001, IEC 62443, NIST, and the company’s OT Information Security Management System (ISMS). The position requires strong communication and influencing skills to drive compliance and awareness across technical, operational, and business stakeholders across the value chain of Development, Construction & Operations. The role is intended to be UK centric, however you would be occasionally expected to lead/support in central projects/tasks as part of a wider Governance team.

Responsibilities

Governance & Compliance
 

• Ensure implementation and enforcement of OT security policies, standards, and controls in all development and construction projects and operational assets.
• Manage and monitor compliance with ISO 27001, IEC 62443, and NIS/CAF Regulations across OT environments.
• Conduct and document periodic compliance reviews, audits, and risk assessments of OT systems.
• Act as the primary liaison with Ofgem and other UK regulators for all OT security-related compliance and reporting.
• Represent the company at UK Industry Meetings and working groups as well as staying ahead of the latest developments and innovation in the field
   

Risk & Assurance
 

• Identify, assess, and manage OT security risks, escalating appropriately to management and risk committees.
• Provide assurance to senior stakeholders on OT security posture and regulatory compliance.
• Develop and track OT security KPIs, metrics, and reports for local entity board members and group leadership.
   

Operational & Technical Activities
 

• Support deployment and verification of OT security controls across wind and solar sites (e.g., access controls, network segmentation, monitoring, patch management).
• Conduct technical compliance checks, penetration testing coordination with Operational sites, and vulnerability assessments within OT environments.
• Provide guidance and oversight on incident response, disaster recovery, and business continuity plans for OT.
• Collaborate with IT/OT engineering and operations teams to ensure security by design in new projects and upgrades.