Operational Technology Security Strategist

._

**Operational Technology Security Strategist**
- Collaborative and supportive team environment
- Be part of a high preforming team
- Based in Sydney - Ultimo or Eastern Creek (hybrid, WFH)

Transgrid works in a hybrid way. Choose where, when and how you work, based on the work you do.

**The Opportunity**

This is an exciting opportunity for a self-motivated individual to join the digital infrastructure team at Transgrid as the Operational Technology Security Strategist. The primary function of this role will be develop and detail life cycle cyber security strategies for Operational Technology assets owned and operated by Transgrid, spearhead cyber maturity uplift programs to meet recently amended SOCI compliance requirements, and provide informed advice and guidance to the Asset Management group on issues related to digital infrastructure asset cyber security.

This is a unique opportunity to help develop and drive cyber security strategy, and contribute to achieving Transgrid corporate objectives and compliance requirements within an increasingly complex Critical Infrastructure landscape.

**Duties and Responsibilities**

As an Operational Technology Security Strategist, you will:

- Prepare security strategy plans, developing, identifying and addressing security related operational technology (OT) infrastructure to support the requirements of the high voltage transmission network and changing legislative requirements
- Enhancing and implementing OT security practices, including design, implementation, support and effective cyber security risk management
- Review and analyse requirements for augmentation and/or replacement of OT security assets
- Ensure appropriate systems and tools are in place to support Cyber incident response teams
- Identify and implement improvements in the design and performance of OT security infrastructure
- Undertake research into, and keep abreast of, innovation and technical developments in relation to the performance of OT security assets
- Develop and update security maintenance plans to carry out efficient OT security maintenance practices
- Monitor and analyse the effectiveness of OT security maintenance to achieve optimal performance and cost efficiencies over the entire lifecycle of the assets
- Monitoring asset performance and reporting.

**Skills & Experience**

What we expect from you:

- A minimum 3+ years’ experience in OT and industrial control systems (ICS), risk assessments, security architecture, network and technology security
- Familiarity with security standards and frameworks including IEC62443, NIST, ISMS and AESCSF
- Knowledge of OT systems and environments preferably inclusive of a variety of high voltage protection/control IEDs, Remote Terminal Unit (RTU) type controllers, metering devices, grid monitoring devices, WAN architecture, SDH & MPLS-TP telecommunication networks, and Supervisory Control and Data Acquisition (SCADA) systems
- Experience with security and technologies such as intrusion detection systems, endpoint security solutions, access management solutions, SIEM, device asset management solutions, and network vulnerability scanning
- Working knowledge of current security threats and security technology evolution facing IT and OT
- Strong analytical, communication and consulting skills with knowledge of Operational Security and related technologies
- Analytical understanding of threats, vulnerabilities, and exploits in the IT and OT environments and appropriate mitigation techniques
- Experience with corporate governance and risk management processes (ISO31000 preferred)
- Familiarity with the electricity transmission network operating environment
- Commercial acumen including an ability to understand and critique financial analysis such as Net Present Values, Discounted Cash Flows and the like
- Effective analytical ability to research problems and prepare reports
- Excellent written and verbal communication skills

**Desirable Qualifications**
- Bachelor’s degree in Computer Science, Information Security, Engineering, or related field
- Industry certifications such as CISSP, GICSP or CISA

Applicants must:

- Be able to attend Sydney based office locations (hybrid and work from home flexibility possible)
- Be an Australian citizen, hold permanent resident status or be eligible to achieve permanent resident status
- Be capable of passing security background clearance investigation

**Recognition & Reward**

In return for your hard work we have numerous benefits and initiatives to support you personally and professionally including but not limited to private health insurance discount, motor vehicle lease plan, career development support, study assistance program and workplace flexibility.

Continue to make it happen for your career, and for the millions of Australians who rely on our services every day.