Your tasks

TUV SUD Limited, a leading global technical service provider, is seeking a highly skilled and knowledgeable Cybersecurity Expert to join our team in the United Kingdom. As a Cybersecurity Expert, you will play a critical role in ensuring the security and integrity of our clients' digital systems, focusing on compliance with the IEC 62443 series, OG86 and ISO 27001 standards.

Main Duties & Responsibilities

Contribute to the cybersecurity strategies aligned with industry best practices, which will have focus but may not be limited to the IEC 62443 series and ISO 27001 standards.

Perform assessments and gap analyses of customers’ OT systems, including active assets, integrated systems, products, and components, defining cybersecurity measures and identify vulnerabilities and risks. Evaluate compliance with EN 62443 and ISO 27001 requirements and provide recommendations for improvement. You should have experience in assessments applying OT/IACS security standards such as IEC 62443, HSE-OG86, NIST-CSF, NIS2, CRA, etc.

Perform regular audits to assess the effectiveness of cybersecurity controls and procedures. Identify areas for improvement and propose appropriate, cost-effective measures to enhance security posture and maturity of our customers products and installations.

Design and implement robust incident response plans to address potential cybersecurity incidents. Coordinate with internal teams and clients to promptly detect, respond to, and mitigate cyber threats.

Provide training and awareness sessions to clients and internal stakeholders to promote cybersecurity best practices and ensure compliance with EN 62443 and ISO 27001 standards.

Collaborate with cross-functional teams to review presented secure architectures and infrastructure solutions. Evaluate the suitability of new technologies and recommend security controls for their integration.

Perform penetration testing and vulnerability assessments, where appropriate, to identify weaknesses in systems and applications. Provide guidance on improvement measures and support the implementation of security patches and upgrades.

Assist in maintaining accurate documentation of cybersecurity processes, procedures, and controls. Generate comprehensive reports on assessment findings, audits, and security incidents for management and clients.

Your qualifications

Essential Criteria:

A degree (or equivalent) in computer science, Information Technology, or a related field.

Professional experience in cyber security, with a focus on EN 62443 and ISO 27001.

Proven track record of successfully implementing cyber security strategies and driving compliance initiatives.

In-depth knowledge of the EN 62443 series, other OT Standards and ISO 27001 standards.

Familiarity with common cybersecurity frameworks such as NIST Cybersecurity Framework and CIS Controls.

Strong understanding of network protocols, operating systems, and security technologies.

Experience with security testing tools, penetration testing, and vulnerability assessment methodologies.

Proficiency in conducting risk assessments and security audits.

Ability to analyse complex security challenges, identify root causes, and develop practical solutions. Strong problem-solving skills to address security incidents and mitigate risks effectively.

Practical understanding and demonstrated experience in software development.

Excellent written and verbal communication skills to convey complex security concepts to technical and non-technical stakeholders.

Proven ability to collaborate with cross-functional teams and build strong relationships with clients.

Maintain the highest level of professionalism, ethical conduct, and confidentiality while handling sensitive information and client data.

Desirable Criteria:

Relevant certifications such as CISSP, CISM, or GIAC are highly desirable.

Additional Information

If you are a passionate Cybersecurity Expert with expertise in the IEC 62443 series and ISO 27001, and you are seeking a challenging role in a dynamic and globally recognized organization, TUV SUD Limited welcomes your application. Join us in safeguarding digital systems.