IT- Cyber Security Manager
- PAYE Rate Negotiable (inside IR35)
- Scotland, Aberdeen City, Aberdeen
- Contract
Our client is currently recruiting for the position of IT- Cyber Security Manager for our oil & gas operator client, based in Aberdeen.
Please note that this role cannot be worked remotely and would require the successful candidate to be based in Aberdeen for the duration of the contract.
Responsibilities:
- Development and execution of company’s cyber strategy and risk posture.
- Define and implement cybersecurity policies, standards, and procedures aligned to ISO27001, NIST, and OG86 frameworks.
- Conduct regular threat assessments and ensure alignment of security controls with business risk appetite.
- Monitor compliance with regulatory and shareholder cybersecurity obligations, including NIS2 and UK critical infrastructure laws.
- Responsible for Information Risk Management across the IT function.
- Lead cybersecurity operations including Security Operations Centre (SOC), SIEM management, and incident response coordination.
- Oversee vulnerability management, patch management, and threat detection for both IT and OT systems.
- Partner with IT and OT teams to embed security across network infrastructure, cloud services, and field operations.
- Manage third-party security risk, including joint venture interfaces, vendors, and BPO service providers.
- Build, lead, mentor, and develop a high-performing cyber security team.
- Champion a strong security culture across Adura through education, awareness, and engagement.
- Lead cyber and IT risk assessments across the enterprise, producing mitigation plans and escalating risks appropriately.
- Act as a subject matter expert (SME) during audits, regulator reviews, and board reporting cycles.
- Support the separation of company’s IT estate from Shell and Equinor legacy systems, ensuring cyber risk is proactively managed during transition.
- Design and implement the foundational security architecture for a greenfield technology landscape, including secure cloud, identity management, and endpoint protection.
Experience & Qualifications:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field.
- Significant experience in IT risk management or cybersecurity roles, including relevant experience in leadership/management.
- Familiarity with security frameworks (NIST CSF, ISO 27001), regulatory requirements (NIS2, GDPR), and OT standards (IEC 62443, OG86).
- Strong vendor and stakeholder management skills.
- Professional certifications such as CISSP, CISM, or SANS GIAC.
- Deep understanding of both enterprise IT and industrial control systems (ICS/SCADA) in upstream energy.
- Proven experience in managing SOC operations, incident response, and threat intelligence.
Contract position
If you feel that you are well suited to the above opportunity and would like to find out more then please contact Orion Group for more information or apply by forwarding your current CV quoting reference: TR/078972.
Our role in supporting diversity and inclusion
As an international workforce business, we are committed to sourcing personnel that reflects the diversity and values of our client base but also that of Orion Group. We welcome the wide range of experiences and viewpoints that potential workers bring to our business and our clients, including those based on nationality, gender, culture, educational and professional backgrounds, race, ethnicity, sexual orientation, gender identity and expression, disability, and age differences, job classification and religion. In our inclusive workplace, regardless of your employment status as staff or contract, everyone is assured the right of equitable, fair and respectful treatment.
