Information & Cyber Security Advisor

Our client leading Oil & Gas Company are currently recruiting for an Information and Cybersecurity Advisor to join the team on either a contract or perm basis.

Job Profile Summary

The Information & Cybersecurity Advisor is responsible for safeguarding information assets and ensures IT initiatives align with business objectives. Acting as a strategic partner, they develop and maintain a robust IT policy framework, manage the IT risk register, and identify emerging compliance requirements. By creating insightful KPIs, they track both IT service value and areas for improvement. The advisor collaborates with internal teams to deliver secure and compliant IT solutions, while also championing continuous improvement through effective communication and process reviews.

Accountabilities and Responsibilities

• Develop and maintain an integrated and business-aligned IT policy framework, streamlining policy documentation and removing redundancies when necessary

• Develop and maintain the IT risk register, coordinating IT risk assessments and monitoring mitigation progress

• Identify emerging IT regulatory compliance obligations and ensure visibility and awareness within relevant IT teams

• Develop insightful IT KPI criteria to track both service value and areas for further improvement

• Leverage partnerships with the central team to gain expertise and implement in the ways of working for the team

• Be a strategic partner for the RRUK business following the Repsol philosophy and new standard of working

• Collaborate with the Information & Cybersecurity Lead to ensure IT services are implemented compliantly, mitigating risks and delivering high-quality solutions

• Provide expert advice on delivering robust and secure IT services and projects that meet both business needs and internal/regulatory compliance requirements

• Identify, assess, and advise on security gaps, recommending and planning security improvements

• Provide technical expertise on operational security tools (Data Loss Prevention, 3rd Party Supplier Risk assessments, Incident response, etc,)

• Supports the implementation of improvements for key security tools and processes (SIEM, Endpoint Security, DLP, etc.).

• . Facilitate the identification and assessment of Cybersecurity related risks

• Oversee internal testing processes of IT controls and collaborate with stakeholders to address identified deficiencies

• Coordinate the delivery of external legal and security-related information

• Participate in periodic reviews of IT projects and initiative delivery lifecycles to ensure process compliance and recommend improvement actions

• Firmly understand the threat of Cyber Attacks in IT and OT environments

Professional Skills and Experiences

• Extensive, proven experience of IT in offshore Oil & Gas industry, preferably in a service delivery role

• Experience in IT Project Management

• Experience of working on a variety of Cybersecurity Incidents is preferred

• Possesses good interpersonal skills and demonstrative customer focused experience

• Experience in cybersecurity projects involving Risk Analysis, Vulnerability Assessments and Network Security

• Foundation knowledge in Information Technology Infrastructure Library (ITIL) is preferred

• Possesses ability to work independently and unsupervised defining appropriate priorities and working to deadlines

Educational Qualification and Certifications

• Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Computer Science, or related field

• Certified Information System Auditor (CISA) and Global Information Assurance Certification (GIAC) are amongst the

preferred certifications

• The role may require travelling offshore for certain business requirements