Security Officer (mwd) Operational Technology

RWE Renewables Europe & Australia GmbH

To start as soon as possible full time permanent

Functional area: IT / Digital

The OT Security Officer will play a pivotal role in safeguarding OPEA and Offshores operational technology (OT) environment across renewable energy assets (onshore / offshore wind and photovoltaic sites). This role combines strong governance responsibilities with hands‑on security activities to ensure that OT Security controls are effectively implemented and enforced at operational sites in a pragmatic manner.

The Officer will serve as the NIS Responsible Officer (NRO) contact for the German regulatory authority (BSI & BNetzA) regarding compliance with the NIS Regulations and will oversee alignment with ISO / IEC 27001 IEC 62443 NIST and the company’s OT Information Security Management System (ISMS). The position requires strong communication and influencing skills to drive compliance and awareness across technical operational and business stakeholders across the value chain of Development, Construction & Operations. The role is intended to be German‑centric however you would be occasionally expected to lead/support in central projects/tasks as part of a wider Governance team.

The role is subjected to either you holding Security Clearance or be eligible and willing to go through Security Clearance.

• Ensure implementation and enforcement of OT security policies, standards and controls in all development and construction projects and operational assets.
• Manage and monitor compliance with ISO 27001, IEC 62443 and NIS/CAF Regulations across OT environments.
• Conduct and document periodic compliance reviews, audits and risk assessments of OT systems.
• Act as the primary liaison with BSIBNetzA for all OT security‑related compliance and reporting.
• Represent the company at German Industry Meetings and working groups as well as stay ahead of the latest developments and innovation in the field.

• Identify, assess and manage OT security risks, escalating appropriately to management and risk committees.
• Provide assurance to senior stakeholders on OT security posture and regulatory compliance.
• Develop and track OT security KPIs, metrics and reports for local entity board members and group leadership.

• Support deployment and verification of OT security controls across wind and solar sites (e.g. access controls, network segmentation, monitoring, patch management).
• Conduct technical compliance checks, penetration testing coordination with operational sites and vulnerability assessments within OT environments.
• Provide guidance and oversight on incident response, disaster recovery and business continuity plans for OT.
• Collaborate with IT / OT engineering and operations teams to ensure security by design in new projects and upgrades.

• Act as a trusted advisor and single point of contact for OT security within the designated region of responsibility.
• Communicate OT security risks, compliance status and incident findings clearly to both technical and non‑technical stakeholders, including local board members.
• Influence and guide site personnel, engineers and management to implement required controls.
• Promote a culture of security awareness and accountability across operational sites.
• The role will require you to travel and be close to the operational and engineering stakeholders across the German onshore and offshore fleet. This may require you to hold or undertake GWO Offshore certifications.

• 5 years experience in cybersecurity with at least 35 years in OT/ICS security within critical infrastructure, energy utilities or industrial environments.
• A successfully completed degree in computer science, business or business informatics.
• A strong understanding and experience in working with the KRITIS and IT‑Sicherheitskatalog requirements.
• A significant amount of knowledge in IT & Operational Technologies (OT) including industry standards IEC62443, NIST SP 800‑82.
• Strong analytical thinking skills paired with a high focus on results and services.
• At least 3 years experience in Business Continuity Management.
• Excellent skills in reporting and engaging with top management, influencing and engaging stakeholders at all levels.
• ISO27001 Implementer and Auditor certification.
• Certifications in CISSP and / or GICSSP.
• ITIL or COBIT exposure is advantageous.
• ICSOT engineering experience is essential, i.e. a deep understanding and hands‑on experience with SCADA PLCs and how plant control environments are designed and operated.
• An excellent understanding and experience of priorities between OT and IT.

• Flexible and hybrid working enabling a balance between remote work and in‑office collaboration.
• Company pension scheme to help secure your future.
• Employee stock programme giving you a stake in our success.
• Training and development opportunities to support your professional growth.

The role application period: 30 Nov 2025. Apply with just a few clicks, ad code 91208.

Contact HR: Ivan Malcolm DSilva.

We look forward to meeting you. You can find us on LinkedIn, Instagram, Facebook, YouTube and Xing.

We value diversity and therefore welcome all applications – regardless of gender, disability, nationality, ethnic and social origin, religion or belief, age, sexual orientation and identity. #inclusionmatters

RWE Renewables Europe & Australia is a leading player in the renewable energy sector with over 30 years of experience. We currently operate onshore wind farms, solar plants and battery storage systems with around 5 GW of installed capacity in our core markets in Europe and Australia.

Supported by a workforce of around 2 000 employees, we continue to expand our renewable generation capacity in a value‑accretive way. Our expertise spans the entire project lifecycle: we develop, plan, finance, build and operate our projects. With a strong project pipeline, we are working with communities to create a long‑term value for everyone today and for the future.

Unclear Seniority

• CCTV
• Customer Service
• Communication skills
• Computer Skills
• ICD Coding
• Military Experience
• Law Enforcement
• NIST Standards
• Security
• DoD Experience
• RMF
• Writing Skills

Employment Type: Full‑Time

Experience: years