Las cualificaciones, habilidades y toda la experiencia relevante necesaria para este puesto se pueden encontrar en la descripción completa a continuación.
Responsibilities include but are not limited to:
1.
Audits & Assurance
Plan, coordinate and support OT security audits, assessments and self-assessments across sites and regions.
Act as the primary interface for internal audit, external auditors, regulators and assessors on OT security matters.
Ensure audit findings are risk-assessed, prioritised, tracked and remediated in collaboration with stakeholders.
Maintain evidence, documentation and artefacts required to demonstrate compliance.
Support alignment and assurance activities with applicable OT cybersecurity standards and regulations.
2.
Lead and maintain OT cyber risk assessments, considering security, safety, environmental, assets and regulatory impacts aligned to 62443.
Ensure OT risks are documented, owned and aligned with risk management frameworks.
Define and maintain risk registers, including threat, vulnerability and consequence-based risks.
Support risk treatment planning and track risk acceptance, mitigation and residual risk decisions.
Translate technical OT risks into clear, business-relevant risk statements for leadership and governance committees.
3.
Supply Chain & Third-Party Risk Management
Own and maintain OT security requirements for suppliers, consultants and vendors.
Assess and manage third-party cyber risks associated with OT systems, software, hardware and remote access.
Support secure onboarding and ongoing assurance of critical OT suppliers and service providers.
Ensure contractual and procurement processes include appropriate OT security access, and resilience requirements.
Monitor and respond to supply-chain-related vulnerabilities, advisories and incidents.
4.
External Compliance Training & Awareness
Own and coordinate OT security strategy for training and awareness for internal teams, contractors and relevant third parties.
Ensure training content reflects real OT risks, regulatory expectations and operational realities.
Support compliance-driven training obligations required by regulators, customers/contractual commitments.
Promote a risk-aware and safety-conscious security culture across engineering and operations.
Track and report on training and awareness completion and effectiveness where required.
5.
Support and govern OT-specific incident response planning and readiness.
Ensure OT incident response procedures are aligned with safety, operational and regulatory requirements.
Coordinate OT involvement during incidents, including forensics, reporting and post-incident reviews.
Ensure lessons learned are captured and translated into improvements to controls and processes.
6.
Business Continuity & Disaster Recovery (BCP/DR)
Support the development and governance of OT business continuity and disaster recovery plans.
Ensure BCP/DRP reflects realistic OT recovery scenarios, dependencies and constraints.
Align OT recovery objectives with safety, production and regulatory expectations.
Participate in and support BCP/DRP testing, exercises and reviews.
Ensure cyber-related disruptions are considered within operational resilience planning.
7.
Act as a central point of coordination between security, engineering, operations, legal.
HSEQ and compliance.
Maintain OT security policies, standards and procedures within the GRC domain.
Support executive and board reporting on OT security risk, compliance status and resilience.Drive continuous improvement of the OT security governance framework CSMS.
Knowledge, Skills and Abilities
5-7 years’ strong knowledge of OT cybersecurity governance, risk and compliance.
Strong expertise of IEC 62443 series.
Understanding of cyber/physical risk, safety, environmental, assets and regulatory impacts.
Experienced understanding of industrial environments, OT lifecycles and operational constraints.
Skilled in conducting/coordinating OT security audits, assessments, compliance activities and maintaining risk registers.
Able to support IR, BCP and DRP planning and exercising.
Delivering and coordinating OT training and awareness strategies.
Expert in preparing clear documentation, evidence and executive-level reporting.
Ability to communicate complex risk clearly to technical and non-technical audiences.
Ability to work across global and regulated environments.Cross-team collaboration, attention to detail, documentation discipline, risk communication & continuous improvement mindset
At Impala, we store and handle the essential energies and resources that matter, helping global supply meet demand more effectively.We’re a leading global storage infrastructure operator that stores, handles and moves the essential resources people depend on.
At Impala we provide reliable and sustainable end-to-end services to our global partners for the smooth supply of liquid energy and base metals that are critical to everyday life, through our portfolio of 30 terminals in 15 countries across Latin and Central America, Europe and UK, Africa and Australasia.We design, develop and operate key infrastructure and logistics assets across multiple modes of transport, from inland areas of production and consumption to our network of inland ports and deep-sea terminals.
Our infrastructure platform serves as a one-stop-shop, allowing us to provide tailored and efficient services to store and move commodities for our customers, safely, securely and efficiently.Our experienced teams bring extensive knowledge and understanding of their local markets and operating environments; and we take pride in providing reliable, consistent and quality service at every stage of the value chain.To ensure the long-term sustainability of our business each of our assets is backed by one or more anchor customer; we also complement this with third party customers, and consider them all as partners with whom we look to build long-lasting relationships.Impala Terminals Group is a 50:50 joint venture between leading supplier of commodities Trafigura and IFM Investors, the global investment management firm.
Outside the joint venture, Impala also manages a number of Trafigura-owned port logistics, storage and transportation assets, which support Trafigura’s activities and third‐party trade flows in the Americas, Europe, the Middle East and Africa.Visit our website to find out more about where we operate:
Maintaining the highest operational, environmental, and safety standards is central to our business. xugodme
So wherever operate, our 1,550-strong team is committed to conducting our activities in a manner that is safe and that protects our employees, the environment and the local communities.Our interests are long term, and securing a sustainable and responsible business is essential to providing the continuous excellence we strive for.Find our more about our commitments and performance in our Sustainability Report:
¿Te interesa este puesto?