Regions
Location
  • Warwick, Warwickshire
Job types
  • Permanent
Salary

£60000 - £62000 per annum

Functions
  • Analyst
Seniority
  • Mid-level
Technologies
  • AWS
Job reference

BBBH105250_1725361639

OT Risk Analyst (Warwick)

Job Purpose:

  • Responsible for managing, leading, controlling, and supporting the GT&M Security Risk process, inclusive of physical, OT, CNI and IT environments.
  • Managing and developing a new GT&M security risk framework covering business, supply chain and operational risk management
  • Representing security risk on the central GT&M enterprise risk working group
  • Ensuring stakeholders are fully engaged with the security risk framework, including senior leaders
  • Collating various metrics and systems including business, IT and Systems Operator and Transmission Operator risk to provide a single risk view
  • Adhering to all Gas Transmission and Metering IT and Security Risk standards and procedures as determined by the GT&M risk governance team.
  • Define Risk Management Information and Key Risk Indicators for all levels of the business.
  • Point of contact for periodic risk assessments and risk audits with external government entities, including NIS annual assessments.
  • Identifying new or changed risks including risk mitigation steps as part of a cohesive risk management plan.

Key Accountabilities:

  • plan, design and implement an overall security risk management process in line with CISO expectations
  • undertake risk assessments, analysing risks, identifying and estimating risk criteria
  • evaluate risk by benchmarking estimated risks with established risk criteria
  • establish and quantify Security and Business Risk appetite
  • report risk at various levels and for differing audiences
  • liaise with external risk governance including risk obligations under the NIS Regulations (CAF)
  • provide risk analysis to support regulatory submissions
  • liaise with legal, procurement and contract business functions supporting customer and supplier risk assessments
  • provide risk insight for company insurance policies including IT and cyber risk
  • conduct policy and process assessments and audits
  • provide support, education and training advice to build risk awareness
  • support risk reduction programmes and monitor and define benefits realisation

Previous Knowledge and Experience:

  • Good, extensive knowledge of Risk Management, including the establishment of new risk management frameworks
  • An understanding of Business, IT and Cyber risk
  • Has proven leadership, stakeholder management, communication and presentation skills
  • A good track record of solving complex problems, with resilience and the ability to cope under pressure
  • Demonstrable technical acumen, analytical and planning skills with a focus on detail
  • Commercial and financial awareness
  • CISM, IRM, IIA or equivalent experience
