JOB DESCRIPTION
Due to the rapid growth taking place at Tekgem, we are looking to expand our Governance, Risk & Compliance (GRC) team and have roles available for a senior OT GRC specialist.
Responsibilities
- Assist in developing and implementing internal business processes to streamline operations within the GRC team.
- Participate in customer engagements to gather initial requirements and support the creation of proposals for work.
- Independently conduct IACS health checks and risk assessments.
- Drive the design process for new technical solutions based on GRC output and outcomes for customers/clients.
- Act as a mentor for junior team members, including apprentices, to support their development and career growth.
- Work with the commercial team to provide input on technical quotes and ensure accuracy and feasibility.
- Assist the GRC Lead and operations manager in planning and coordinating GRC-related projects.
- Support the management of IACS governance projects, serving as a point of contact for specific project deliverables.
- Stay updated on preferred Tekgem technologies and regulatory changes to ensure team-wide awareness and compliance.
- Stay up to date and familiar with regulatory changes.
- Assist in maintaining and updating standard procedures for routine configuration tasks within the GRC function.
- Contribute to the development and delivery of internal training programs for GRC and engineering staff.
- Provide expert guidance to customers on regulatory compliance matters in alignment with GRC best practices.
- Act as an escalation point for complex issues, ensuring they are addressed in a timely and effective manner.
- Identify opportunities to improve working practices and contribute to the implementation of these improvements.
- Conduct and support investigations, lead lessons learned sessions, and perform root cause analysis (RCA) for incidents and service delivery improvements, providing actionable recommendations to prevent recurrence.
- Take ownership of maintaining and managing Tekgem or client documentation, ensuring it is accurate, up-to-date, and compliant with internal and client-specific requirements. Provide guidance to junior team members in handling documentation.
- Support the GRC Lead in setting SMART goals for the team and monitoring progress toward achieving them.
- Promote a collaborative and inclusive team culture, ensuring effective communication and mutual support.
- Collect and analyse performance data to provide insights and recommendations for improving project delivery outcomes.
Skills
- In-depth knowledge of securing infrastructure & networks. Additional knowledge of IACS-specific environments. This includes IACS architectures, communication, protocols and technologies.
- An awareness of current IACS regulatory requirements and best practices (HSE-OG-0086, NCSC CAF, IEC62443, NIST etc.)
- Possess and apply advanced knowledge of cybersecurity frameworks, standards, and practices to analyse risks, guide compliance efforts, and mentor junior team members on cybersecurity topics
- Excellent communication skills
- Excellent time management skills
- Excellent attention to detail
- Excellent analytical skills to understand and digest customer requirements and anticipate potential problems and solutions
- Ability to delegate tasks within the team
- Ability to write, review and approve technical documentation and proposals
Qualifications
- Associate degree or technical institute degree/certificate or equivalent apprenticeship
- Minimum 5 years hands-on experience working in a cyber security role
- ISC2 CISSP or
- CompTIA Cyber Security Track (up to CySA+) or equivalent (e.g., CySA+, PenTest+, GSEC), dependent on discipline background
- GICSP, or alternative Industrial Specific Cyber Certification