Head of OT Cybersecurity
Apply NowGreenvolt is strengthening its cybersecurity leadership team and is looking for an experienced Head of OT Cybersecurity to lead and mature cybersecurity across our Operational Technology (OT) environments. This role will be key in ensuring the protection, resilience, and safe operation of our critical industrial and energy assets, while supporting IT/OT convergence and regulatory compliance, including NIS2.
Responsibilities: • Execute OT cybersecurity strategy and roadmap, aligned with business objectives, enterprise cybersecurity strategy, and regulatory requirements. • Act as the primary interface between OT, IT and Cybersecurity teams, ensuring clear ownership, aligned controls, and effective collaboration across functions. • Oversee the secure design, deployment and operation of OT environments, ensuring security‑by‑design and security‑by‑default principles are applied to new projects and upgrades. • Oversee incident response capabilities for OT environments, including preparation, detection, response and recovery from cyber incidents impacting industrial operations. • Supervise third parties and vendors involved in OT environments, ensuring cybersecurity requirements are embedded in contracts, procurement, and system lifecycle management. • Drive and execute OT cyber maturity improvement, defining KPIs, conducting periodic assessments, and supporting continuous improvement initiatives. • Ensure OT cybersecurity governance model, including policies, standards, architectures, and minimum security baselines for industrial environments. • Ensure compliance with regulatory and regulatory‑driven frameworks, notably NIS2, national critical‑infrastructure requirements, and relevant industry standards (e.g. IEC 62443, NIST SP 800‑82). • Lead OT cyber risk management, including asset visibility, threat modelling, vulnerability management, and risk assessments for industrial systems and sites. • Support executive management and the board with clear visibility of OT cyber risks, posture, incidents, and remediation plans.