OT Cybersecurity Expert

We are EDP a global energy company present in around 29 markets with a particular emphasis on renewable energies. With more than 45 years of experience we have been consolidating a relevant presence on the world energy scene based on the commitment to be all-green by 2030 leading the energy transition. With more than 13000 employees around the world we are committed to using our energy and heart to drive a better tomorrow.

The mission of this role is to ensure the security resilience and compliance of RGAs WS&S Operational Technology (OT) environments worldwide. The OT Cybersecurity Expert will design implement and maintain robust cybersecurity architectures standards and controls aligned with EDP Group governance and international regulations.

This role supports RGAs WS&S global OT footprint driving security compliance with NIS2 NERC-CIP GridCode Cybersecurity and other regional frameworks while enabling safe operations and innovation across the renewable energy portfolio. The professional will also promote a culture of cybersecurity awareness and continuous improvement throughout the organization coordinating cross-functional initiatives and leading cybersecurity projects to ensure consistent implementation and governance across all regions.

What you will do:

Governance Policy and Compliance:

• Develop maintain and communicate OT cybersecurity policies standards and procedures aligned with corporate governance and international regulations.
• Lead compliance initiatives with NIS2 NERC-CIP GridCode Cybersecurity IEC 62443 and other relevant frameworks.
• Perform regular risk assessments gap analysis and audits across the regions defining mitigation and improvement plans.
• Ensure that cybersecurity governance is embedded in OT operations and projects globally.
• Coordinate regional stakeholders to align compliance roadmaps ensuring timely delivery of milestones and effective follow-up on action plans.

Projects and Architecture:

• Design and validate secure OT network architectures including segmentation zoning secure remote access and data flow control.
• Define functional and technical requirements for OT cybersecurity systems and oversee implementation according to best practices and EDP standards.
• Manage supplier evaluation tender processes (RFI/RFP) and contract negotiations for OT cybersecurity solutions and services.
• Collaborate with Engineering IT and Operations teams to ensure Security by Design in new assets systems and upgrades.
• Plan coordinate and monitor OT cybersecurity projects from inception to implementation managing resources schedules and deliverables to ensure quality and alignment with business priorities.

Cybersecurity Operations and Incident Management:

• Lead the development and execution of OT-specific incident response plans and coordinate with global SOC and CERT teams.
• Support vulnerability management intrusion detection and forensic analysis within OT networks.
• Provide expert troubleshooting and root cause analysis for OT-related cybersecurity incidents.
• Ensure lessons learned and post-incident improvements are incorporated into standards and procedures.
• Coordinate cross-functional response teams during incidents and ensure effective communication and escalation management.

Training Awareness and Continuous Improvement:

• Promote cybersecurity awareness and capacity building for OT operations and maintenance teams.
• Lead periodic drills workshops and tabletop exercises to validate the OT incident response capability.
• Foster innovation by evaluating new technologies such as anomaly detection zero-trust architectures and secure cloud integration for OT environments.

Strategic Initiatives:

• Contribute to RGAs WS&S Cybersecurity Roadmap ensuring OT initiatives are aligned with business objectives and regulatory requirements.
• Participate in global and regional working groups on compliance risk management and technology standardization.
• Support the rollout of global cybersecurity programs such as IDS and PAM systems and new compliance-driven initiatives.
• Provide leadership and project governance in multi-region OT security programs ensuring alignment with the corporate cybersecurity strategy.

Employment type: Full-Time

Work site: Hybrid

Work Place: Porto

What are we looking for:

• University degree in Electrical Electronic Automation Energy or Telecommunications Engineering or another relevant technical field.
• Complementary education in Cybersecurity or Technology Risk Management is a plus.
• Proven experience in Operational Technology (OT) security with strong understanding of international cybersecurity frameworks and standards such as:
• IEC 62443 Industrial Control Systems (ICS) and OT security.
• ISO/IEC 27001 Information Security Management Systems.
• Knowledge of NIST 800-82 NERC-CIP GridCode Cybersecurity or equivalent frameworks is highly valued.
• Professional certifications in technical or governance domains (e.g. GICSP CISSP CISM ISO 27001 Lead Implementer) will be considered an advantage.
• English: fluent (mandatory); Portuguese: fluent (mandatory) and Spanish: highly valued.
• Proven experience in OT environments including SCADA DCS PLC EMS and industrial networks.
• Previous involvement in energy or industrial infrastructure projects (renewable energy preferred but not mandatory).
• Hands-on experience in OT cybersecurity network segmentation and regulatory compliance.
• Experience working on or supporting international OT security programs across multiple regions.
• Demonstrated experience in coordinating and managing cybersecurity projects including budget control stakeholder management and progress reporting.
• Strong knowledge of industrial communication protocols (IEC/104 Modbus DNP3 OPC-UA IEC-61850).
• Solid understanding of industrial networking (firewalls routing VLANs VPNs DMZs NAT IDS/IPS).
• Proficiency in cybersecurity standards: IEC 62443 NIST 800-82 ISO 27001 NERC-CIP GridCode Cybersecurity.
• Experience with vulnerability management asset inventory and incident response in OT environments.
• Understanding of SOCs SIEM and threat intelligence applied to OT.
• Excellent communication and collaboration skills in multicultural environments.
• Strategic and analytical mindset with a focus on problem-solving.
• Demonstrated experience in coordinating and managing cybersecurity projects including budget control stakeholder management and progress reporting.
• Ability to influence and coordinate across multidisciplinary global teams.
• Strong sense of ownership accountability and adaptability to changing business and regulatory demands.
• Commitment to continuous improvement and operational excellence.

More than academic knowledge and technical skills we are looking for ambitious people who are enthusiastic about the future and who bring human skills aligned with our purpose.

Equal opportunities for all

Our vision is that each person combines their unique characteristics and experiences to fulfill our mission of creating new energy for the planet. We are an inclusive employer ensuring all candidates are treated fairly throughout the recruitment process. We welcome and value all people and we are committed to fostering a sense of belonging for each person who is part of the EDP group.

Need more reasonsto apply

As a top employer we:

• Empower our employees through a positive and innovative work environment that promotes collaboration and agile decision-making;
• Respect and value each person providing a flexible healthy and inclusive workplace with a range of attractive benefits;
• Provide a meaningful work experience and prepare our people for future challenges through different opportunities for development and internal mobility;

Our efforts have resulted in several distinctions over time highlighting the EDP groups strong positioning and its dedication and commitment to attracting and retaining the best talent:

• Top employer certification by Top Employers Institute
• Part of the Bloomberg Gender-Equality Index
• Global certification as a family-responsible company by Fundación Másfamília
• Top 100 Workplaces by Houston Chronicle

Discover our tips to enhance your performance during the recruitment process and apply until 29/01/2026 if you think you are the right fit for this opportunity.