Cyber Security Policy & Procedure Specialist
Posted 6 days ago by ERSG Ltd
£733 Per day
Outside
Hybrid
Warsaw, Masovia
Summary: The Cyber Security Policy & Procedure Specialist will be responsible for aligning IT and OT cybersecurity governance, defining security interfaces, and translating regulatory requirements into actionable documentation. This role involves supporting vendor contracting processes and working independently with various stakeholders. Experience in energy or critical infrastructure sectors is highly preferred. The position is a 10-month contract with hybrid working arrangements.
Key Responsibilities:
- Ensuring alignment of IT and OT cybersecurity governance, including defined roles, responsibilities, and escalation paths
- Defining security interfaces and responsibility boundaries between asset owners/operators, the TSO, external stakeholders, vendors, service providers, and system integrators
- Translating regulatory and legal requirements into practical, auditable cybersecurity governance documentation
- Ensuring traceability between legal and regulatory requirements, security policies, and implemented controls
- Supporting vendor contracting processes related to Service Agreements in the areas of Cyber Security, IT, and OT
- Working independently and interfacing with legal, IT, OT, and operational stakeholders
- Supporting Baltic Power with the formalization and implementation of cyber security governance documentation
- Developing policies and procedures that are aligned with European Union Directive and standards as well as Polish regulatory requirements
- Designing, structuring, and crafting of cyber security policies and procedures for the Corporate IT environment
Key Skills:
- Proven experience delivering cyber security policies and procedures in regulated environments
- Hands-on experience with NIS2 and European critical infrastructure regulation
- Familiarity with Polish cyber security legislation and regulatory expectations
- Strong understanding of IT and OT cyber security, including industrial control systems
Salary (Rate): £733/day
City: Warsaw
Country: Poland
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Cyber Secruity Policy & Procedure Specialist
10 Month contract
Hybrid working
ASAP Start
Major Tasks
- Ensuring alignment of IT and OT cybersecurity governance, including defined roles, responsibilities, and escalation paths
- Defining security interfaces and responsibility boundaries between asset owners/operators, the TSO, external stakeholders, vendors, service providers, and system integrators
- Translate regulatory and legal requirements into practical, auditable cybersecurity governance documentation
- Ensuring traceability between legal and regulatory requirements, security policies, and implemented controls
- Supporting vendor contracting processes related to Service Agreements in the areas of Cyber Security, IT, and OT
- Work independently and interface with legal, IT, OT, and operational stakeholders
PLEASE NOTE: Experience in energy, utilities, offshore wind, or other critical infrastructure sectors is highly preferred
Key Responsibilities
- Support Baltic Power with the formalization and implementation of cyber security governance documentation
- Develop policies and procedures that are aligned with European Union Directive and standards as well as Polish regulatory requirements
Key Deliverables
- Design, structuring, and crafting of cyber security policies and procedures
- Policies and procedures for the Corporate IT environment
Qualifications
- Proven experience delivering cyber security policies and procedures in regulated environments
- Hands-on experience with NIS2 and European critical infrastructure regulation
- Familiarity with Polish cyber security legislation and regulatory expectations
- Strong understanding of IT and OT cyber security, including industrial control systems
ersg are an equal opportunities employer; we are committed to promoting equality of opportunity for all job applicants. We do not discriminate against applicants on the basis of age, sex, race, disability, pregnancy, marital status, sexual orientation, gender reassignment or religious background; all decisions are based on merit.