EDL owns and operates a global portfolio of power stations in Australia, North America and Europe. Our vision is to be the leading global producer of sustainable distributed energy. At EDL, we are playing a key role in the world's transition from traditional energy sources to decarbonised solutions.

The successful individual will lead the Operational Information and OT Cyber Security function under Group Engineering. Responsible for maintenance, administration, support, enhancements of the various Engineering Applications, including the company's AVEVA PI production historian, and design, deployment, commissioning, operations, maintenance and support of the OT cyber security plan.

Key Areas of Reponsibility:

• Management of the Engineering Applications such as Management of Change (MOC) system, Document Management System, Engineering Planning tool, Desk Booking, Engineering SharePoint subsite, Password Vault.
  
• Management of the OT End-Point security platform.
  
• Management of the AVEVA PI Production historian. Maintenance, enhancement, support of the PI platform and its Azure located servers.
  
• Implement and Manage OT Security Measures.
  
• Design, implement, and manage cybersecurity measures to safeguard Operational Technology infrastructure.
  
• Conduct regular risk assessments and vulnerability assessments on OT systems.
  
• Alignment with EDL Cyber Security Strategy and maintain the strategy outlining key objectives and action plan from an OT cyber security responsibility.
  
• Ensure compliance with industry cybersecurity standards, including AESCSF, NIST, and IEC62443.
  
• Stay abreast of updates and changes to relevant standards and incorporate them into EDL's cybersecurity framework.
  
• Develop, implement and maintain incident response plans and activities for OT security incidents.
  
• Coordinate with cross-functional teams to address and mitigate cybersecurity incidents in a timely manner.
  
• Collaborate with IT and OT teams to ensure a holistic approach to cybersecurity.
  
• Communicate effectively with internal stakeholders, providing clear and concise updates on cybersecurity initiatives and potential risks.
  
• Support project delivery teams to ensure OT cyber security measures are considered in development of projects.
  
• Actively work with 3rd party and vendors to maximise value from products and services.
  
• Maintain security awareness and training programs to OT and Operational Staff to promote cybersecurity culture in conjunction with EDL cybersecurity awareness and training programs.
  
• Stay informed about emerging threats and vulnerabilities and disseminate relevant information to the team

Person Specification:

• Proficient in managing potential safety implications of engineering decisions and use of risk management practices to control hazards to ALARP (As Low As Reasonably Practicable).
  
• Excellent written and verbal communication skills with a high level of attention to detail.
  
• Ability to confidently present to both technical and business audiences.
  
• Demonstrated initiative, motivation, and high personal work standards to achieve Company and team objectives.
  
• Be able to lead a small team and support them and provide career development and training.
  
• Demonstrated ability in organising, developing and working with multi-disciplinary teams.
  
• Willingness to work flexibly, to undertake interstate and overseas trips as necessary and to work out of hours as and when reasonably required.
  
• Collaborate with stakeholders and build positive working with relationships with others such as Information Technology group, Operational Technology team, Engineering, Operations, Global Control Centre, and Analytics in the development of pragmatic cyber security initiatives.
  
• Appreciate the differences between IT and OT.
  
• Work in a dynamic, changeable environment, including management of conflicting priorities in high pressure situations.

Qualifications and Experience:

• Minimum 8 Years of proven experience in the field of cybersecurity, with a minimum of 5 years of relevant work experience as a lead in an OT environment.
  
• Previous experience in the power generation, utility or Major Hazard Facility industry.
  
• In-depth knowledge of cybersecurity standards such as AESCSF, NIST, and IEC62443.
  
• Experience implementing and maintaining security controls in alignment with these standards.
  
• Demonstrated experience working within a cyber security risk management framework.
  
• Demonstrated hands on experience with IP Networking, Next Gen Firewalls, IPS/IDS and Network traffic monitoring.
  
• Strong knowledge and experience with Continuous Threat Monitoring platforms.
  
• Ability to convey complex technical information to both technical and non-technical stakeholders.
• Experience collaborating with cross-functional teams, including IT and OT personnel.
  

Cyber Security industry Certifications which are a nice to have include:

• CISSP, GIAC, Security+, MCSE.
  
• SANS ICS410: ICS/SCADA Security Essentials or similar, SANS ICS515:ICS Visibility, Detection, and Response or similar
• ISA/IEC 62443 Cybersecurity Certificates or similar
  
• Certifications and experience with Azure architecture

EDL is committed to creating a diverse and inclusive environment and is proud to be an equal opportunity employer.