The Information Security Officer (ISO) drives and embeds Rotork's information security strategy across IT and OT, ensuring the confidentiality, integrity and availability of data and systems. The role leads governance, risk and compliance (GRC); defines and maintains security policies and controls; supports secure-by-design engineering; and coordinates risk remediation in partnership with Technology, Engineering and Operations.
Key Responsibilities
Governance, Risk & Compliance (GRC)
- Own and evolve the information security policy framework, standards and baselines, aligned to ISO/IEC 27001, NIST CSF and the relevant IEC 62443 controls for OT.
- Operate the Information Security Management System (ISMS): scope management, control selection, risk treatment plans, the Statement of Applicability, internal audits and management reviews.
- Maintain Rotork's cyber and information security risk register and conduct regular assessments (IT and OT), providing clear risk narratives, impact analyses and remediation plans.
- Lead third-party security due diligence and contract language (SLAs, DPAs, security schedules), including supplier onboarding, continuous monitoring and exit controls.
Security Architecture & Engineering
- Define security requirements and patterns for cloud, on-prem, network and endpoint, including identity, privileged access, segmentation and encryption.
- Partner with Enterprise Architecture and Engineering to embed secure-by-design and privacy-by-design across projects, with formal design reviews and sign-off gates.
Operations & Incident Readiness
- Collaborate with SOC/IR teams to refine use cases, playbooks and detections; ensure control effectiveness through KPIs/KRIs and continuous assurance.
- Drive vulnerability and patch governance (prioritization, SLA management, compensating controls) and track remediation to closure.
Awareness & Stakeholder Engagement
- Lead security awareness and targeted training (e.g. phishing, secure coding, OT cyber hygiene, supplier security).
- Provide clear, business-friendly reporting and metrics to leadership: risk posture, control maturity, audit findings and improvement roadmap.
AI Governance & Security
- Monitor compliance with emerging AI regulations and standards, including the EU AI Act, UK AI principles and ISO/IEC 42001 for AI management systems.
- Assess risks associated with AI-enabled systems, including adversarial attacks, data poisoning and model integrity.
- Collaborate with internal teams to embed security and privacy-by-design in AI models and algorithms.
Cyber Essentials & IASME Cyber Assurance
- Support Rotork's Cyber Essentials Plus and IASME Cyber Assurance accreditation programs, ensuring all technical and procedural controls meet certification requirements.
- Maintain evidence packs, liaise with external assessors and coordinate internal teams for successful audits and renewals.
Qualifications:
- Degree in Computer Science, Information Security, Engineering or a related field; or equivalent experience.
- At least one of the following professional certifications (or commitment to obtain within 12 months):
- CISSP or CISM (core)
- ISO/IEC 27001 Lead Implementer or Lead Auditor
- CCSP (cloud) or CRISC (risk)
- CompTIA Security+
- IEC 62443 certificate(s) (desirable for OT)
Experience
- 5+ years in information/cybersecurity roles, with demonstrable GRC ownership and risk management in complex, multi-site environments.
- Hands-on experience implementing and operating ISO 27001 and/or NIST CSF frameworks, including audits and certification cycles.
- Practical exposure to industrial/OT security (IEC 62443 concepts, ICS/SCADA risk, segmentation, asset management) strongly preferred.
- Proven track record of leading remediation across vulnerability management, identity & access management, network security and cloud security (Azure/AWS).
- Vendor and third-party risk management, including contract negotiation and continuous monitoring.
- Incident response participation (playbooks, tabletops, forensics coordination, lessons learned).
Additional Information:
Rotork is the market-leading global flow control and instrumentation company, helping our customers manage the flow of liquids, gases and powders across many industries worldwide.
Our purpose is Keeping the World Flowing for Future Generations.
For over sixty years the world has relied on us to create the things that keep everything moving. From oil and gas to water and shipping, pharmaceuticals and food, these are the flows on which our modern world depends.
Today we're respected and admired for our people, performance and products. Our success flows from our commitment to engineering excellence, and that's what we will always pursue, safely and sustainably.
Rotork is going through an exciting period of change and growth, building on our existing market success. It's a great time to join us and make an impact in shaping the future of our business.
Remote Work:
No
Employment Type:
Full-time