OT Security – GRC

Key Responsibilities

• Audits & Assurance Plan: Coordinate and support OT security audits, assessments and self‑assessments across sites and regions. Act as primary interface for internal audit, external auditors, regulators and assessors on OT security matters. Ensure audit findings are risk‑assessed, prioritised, tracked and remediated in collaboration with stakeholders. Maintain evidence, documentation and artefacts required to demonstrate compliance. Support alignment and assurance activities with applicable OT cybersecurity standards and regulations.
• Risk Management Lead: Maintain OT cyber risk assessments, considering security, safety, environmental, assets and regulatory impacts aligned to IEC 62443. Ensure OT risks are documented, owned and aligned with risk management frameworks. Define and maintain risk registers, including threat, vulnerability and consequence‑based risks. Support risk treatment planning and track risk acceptance, mitigation and re...