IT and digital

Join us in this role where you’ll lead our OT SOC and vulnerability management operations. You’ll be shaping and steering the Operational Technology (OT) Security Operations Coordination (SOC) and vulnerability management function, working across regional engineering, Generation Digital & Technology operations, and cybersecurity teams to protect our critical OT infrastructure. You will ensure that cyber risks are proactively managed and mitigated, operational cybersecurity controls are continuously improved, and regulatory compliance is demonstrated through reliable, evidence-based processes.

Welcome to Generation Digital & Technology OT Systems Department
You’ll be part of the OT Guard function within OT Systems Operations, where you, together with your colleagues, will ensure secure, stable, and compliant OT environments across our global wind farm fleet. You’ll act as the focal point for OT vulnerability management and SOC operations, driving continuous improvement and leading incident and risk response processes in collaboration with our Cyber Defense Centre (CDC) and site teams.

You’ll play an important role in:

• leading the OT SOC function, including triage, prioritization, and documentation of security monitoring events and vulnerabilities
• acting as the operational owner for vulnerability management processes in OT systems, aligning with ISMS controls and compliance requirements
• steering the collaboration between the CDC and OT Guard, including managing SOC service quality and handling escalations
• driving and maturing the vulnerability lifecycle in coordination with regional engineering and OT operations (e.g. detection, risk scoring, patch planning, mitigation)
• creating and maintaining OT vulnerability dashboards, KPIs, reports, and control documentation
• supporting implementation of asset inventory logic tied to patch groups, IP zones, and risk zones across SCADA and OT networks
• defining and updating work instructions and operational rules for OT vulnerability handling, including Service Now-based workflows
• coordinating with suppliers and asset owners on vulnerability advisories, SLA alignment, and incident response
• participating in audits and regulatory readiness efforts (e.g. NIS/NIS2, ISO27001, IEC62443), ensuring traceability and evidence for vulnerability controls.

To succeed in the role, you: 

• have an engineering, Cyber Security or similar degree
• have experience in vulnerability management and SOC operations, ideally in critical infrastructure or OT-heavy environments
• bring deep technical knowledge of cybersecurity across TCP/IP networks, operating systems, and ICS/SCADA environments
• have experience with tooling and standards such as : IDS, SIEM, Antivirus, Ticket management in Service Now o ISO27k, IEC62443 o NIS EU, NIS-CAF, NERC CIP, BEK, BSI KRITIS
• are comfortable assessing vulnerabilities and risks, and guiding decision-making around patching, mitigation, or compensating controls
• can manage operational processes and services with multiple internal and external stakeholders (e.g. suppliers, SOC vendors, operations teams)
• are familiar with incident, problem, change management processes and can integrate vulnerability workflows into them
• have excellent analytical and communication skills, and can translate complex cybersecurity issues into actionable plans and reports
• are structured, self-driven, a team player and comfortable operating in a fast-paced, international environment.

Maybe you’ve read the above and can see you have some transferable skills, even though they don’t quite match all the points. If you think you can bring something to the team, we still encourage you to apply.

Shape the future with us
Send your application to us as soon as possible. We’ll be conducting interviews on a continuous basis and reserve the right to take down the advert when we’ve found the right candidate.

As an applicant or employee, you may request reasonable work and position accommodation or adjustments via accommodation@orsted.com.

Please note that you’re expected to do some travelling in relation to your work, as you’ll be working in a hybrid model from the office location based in Gentofte or Skaerbaek.

Please note that for your application to be taken into consideration, you must submit your application via our online career pages and answer the screening questions relevant for your country. We don't take applications or inquiries from external recruiters or agencies into account for this position.