Create Alert
Apply now »

I&O Security Lead

Date:  17 Jul 2025
Location: 

Aberdeen, GB

Advertised Salary:  Competitive
Onshore/Offshore:  Onshore
Working arrangement:  Full Time

Since its creation in 2014, Harbour has grown to become one of the world’s largest and most geographically diverse independent oil and gas companies.  Today, Harbour is producing between 475,000 and 485,000 barrels of oil equivalent per day with significant production in Norway, the UK, Germany, Argentina and North Africa. Harbour benefits from competitive operating costs and resilient margins, and a broad set of growth options including near-infrastructure opportunities in Norway, unconventional scalable opportunities in Argentina and conventional offshore projects in Mexico and Indonesia. With low GHG emissions intensity and a leading CO2 storage position in Europe, Harbour remains committed to producing oil and gas safely and responsibly to help meet the world’s energy needs. Harbour is headquartered in London with approximately 5,000 staff and contractors across its operations and offices. 

 

Ours is an inclusive workplace where individuals can bring their whole selves to their job and feel recognised for the value they add. We are committed to creating a genuinely inclusive and supportive working environment to ensure everyone has a positive experience at work.

 

At Harbour Energy, we aim to recruit, retain and promote our people based on their unique skills, regardless of race, gender or background. We need excellent people to help shape and develop the future of our company. Could this be you?

 

If so, we want to hear from you.

 

Purpose of Role: 

  • ​​This role sits within the Infrastructure and Operations team. 
  • ​Ensure that I&O security, resilience and operational controls are in place, appropriately designed and operated effectively to maintain legal/regulatory compliance.   
  • ​Manage assurance activities to define and refine I&O standards, ensure regulatory compliance and manage I&O risks and issues. 
  • ​Proactively identify and document emerging risks, maintain risk registers, and develop action plans to address control weaknesses​ 

 

Critical Responsibilities:

Ensuring that all activities are carried out in a safe manner complying with all regulatory requirements, legislation and Harbour Energy HSES Procedures.

 

Ethics and Compliance Responsibilities:

Ensure that all activities and behaviours are carried out in accordance with Harbour Energy’s Ethics and Compliance Policies and Procedures, and to complete any compulsory compliance training as required.

 

Areas of Accountability, Responsibility and Competence:

  • ITGC (IT General Controls): Develop, implement and maintain controls, in consultation with IS Security, to ensure the reliability and integrity of IS operations. This includes access management and periodic reviews of I&O processes and controls. 
  • Work closely with I&O and project teams to ensure security and controls are integrated into the design and implementation of I&O projects. 
  • Continuously improve the I&O security and controls posture. Maintain awareness of relevant tools and external standards for security and controls management to ensure legal and regulatory compliance. 
  • Specify appropriate security and compliance tooling in line with standards defined by Harbour Energy and ensure that this is implemented. Collaborate with the IS Security team to ensure that corporate security tooling standards/choices are workable for I&O. 
  • Engage and coordinate I&O activities in response to security incidents as required. 
  • Develop and deliver security and assurance awareness sessions for I&O teams. 
  • Develop action plans to address control weaknesses. 
  • Monitoring and Reporting: Ensure that system logging and monitoring meet requirements and are properly integrated into corporate SIEM systems. Oversee monitoring of security events and generate reports to keep senior management informed of the security posture.  
  • Engage with functions such as security and internal audit to plan and scope audit work and ensure consistency of approach across the I&O team. Lead engagement with internal and external security and controls audits. 
  • Track, facilitate and manage audit actions to timely completion. 
  • Manage I&O compliance with software licence agreements and coordinate I&O responses to software audit reviews. 
  • Manage and develop risk, control and control-testing processes and documentation for I&O services. 
  • Work collaboratively across the I&O team to lead and guide assessment to manage risk/controls, assisting and facilitating solutions. 
  • Proactively work to identify and document emerging risks/issues/non-conformances with the I&O team. 
  • Maintain risk, issue and non-conformance registers; develop and track treatment plans using the standard IS toolset. 
  • Lead work across I&O to establish, maintain and test BC and DR plans, interfacing with IS Security teams. Participate in broader exercises to test these. 
  • Work with the I&O teams to establish and manage recovery plans to ensure resilience and recovery achieves RPO and RTO requirements. 
  • Work with the wider team to define and develop relevant security, compliance and resilience KPIs and KRIs for I&O and ensure effective reporting of metrics. 
  • Manage personnel as required, including resource planning and development. 
  • Develop staff through coaching, mentoring and performance management. 
  • Maintain frameworks to provide assurance that third parties are managing I&O services in line with Harbour Energy’s operational control requirements. 
  • Work with the team to develop and maintain infrastructure standards across I&O. 
  • May be required to provide out of hours support via an on-call rota.

 

Critical Skills, Qualifications, Experience, etc.:

​​Essential: 

  • ​Experience of leading operational security and assurance with a proven track record 
  • ​Excellent understanding of risk management and mitigation approaches 
  • ​Experience in establishing and governing ITGC control frameworks 
  • ​Experience in interpreting and implementing assurance standards  
  • ​Experience in engaging with internal and external control assurance and audit teams 
  • ​Experience in I&O software license assurance and management 
  • ​Excellent analytical, strategic conceptual thinking, strategic planning and execution skills 
  • ​Proactive and conscientious  
  • ​Strong written and verbal communication skills 

Preferred: 

  • ​Experience of IS Operational security and compliance in the Energy/Oil and Gas sector  
  • ​Experience of both on-premise and cloud-based security and compliance  
  • ​Previous experience of working with a diverse and multi-national vendor support model 
  • ​CISM, CISA, CRISC, ITIL foundation qualification ​ 

.

 

Inclusive recruitment is a vital part of our diversity, equity and inclusion strategy. Whatever your background, if you feel you need an adjustment during our selection process to suit your needs, please let us know, and we will be happy to help.

 

Apply now »