OT Cyber Security Analyst

Who we are We’re not just talking about making a difference, we’re making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the global leader in sustainable biomass and carbon removals. You’ll be joining our teams of practical doers, future thinkers and business champions. We’re enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come.

About the role As OT Cyber Analyst, you’ll be responsible for monitoring, assessing, and securing  Drax’s operational technology (OT) systems, including industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems, against cyber threats and vulnerabilities. The role will play a key role in ensuring the reliability and safety of UK critical national infrastructure.

Cybersecurity Monitoring: Continuously monitor the efficacy and maintain OT security monitoring solutions deployed within the OT environment. Threat Analysis: Analysing and identifying potential cyber threats and vulnerabilities, assess their impact, and prioritize responses accordingly. Incident Response: Developing and implementing incident response plans for handling cyber incidents in OT environments, including containment, eradication, and recovery procedures. Vulnerability Management: Identifying and assessing vulnerabilities in OT systems and coordinate with relevant teams to remediate them. Security Assessment: Conducting security assessments and facilitate penetration testing of OT systems to identify weaknesses and recommend security improvements.
Policy Development: Contributing to development and maintenance of cybersecurity policies and procedures specific to OT environments. Compliance and Regulations: Ensuring compliance and providing SME support to programmes of work delivering transformation in line industry standards such as IEC62443 and Industry regulations (NIS, CAF, OG86 and HSE). Network Security: Implementing and managing security controls for OT network segments to protect against unauthorized access and data breaches. Collaboration: Collaborating with IT and Generation Engineering/Operation teams to ensure alignment between IT and OT cybersecurity efforts. Documentation: Maintaining detailed records of security incidents, assessments, and remediation efforts.