OT Cybersecurity Expert

We are EDP, a global energy company present in around 29 markets with a particular emphasis on renewable energies. With more than 45 years of experience, we have been consolidating a relevant presence on the world energy scene based on the commitment to be all-green by 2030, leading the energy transition. With more than 13,000 employees around the world, we are committed to using our energy and heart to drive a better tomorrow.

The mission of this role is to ensure the security, resilience and compliance of RGA's WS&S Operational Technology (OT) environments worldwide. The OT Cybersecurity Expert will design, implement and maintain robust cybersecurity architectures, standards and controls aligned with EDP Group governance and international regulations.

This role supports RGA's WS&S global OT footprint, driving security compliance with NIS2, NERC-CIP, GridCode Cybersecurity, and other regional frameworks, while enabling safe operations and innovation across the renewable energy portfolio. The professional will also promote a culture of cybersecurity awareness and continuous improvement throughout the organization, coordinating cross-functional initiatives and leading cybersecurity projects to ensure consistent implementation and governance across all regions.

What you will do:

Governance, Policy, and Compliance:

• Develop, maintain, and communicate OT cybersecurity policies, standards, and procedures aligned with corporate governance and international regulations.
• Lead compliance initiatives with NIS2, NERC-CIP, GridCode Cybersecurity, IEC 62443, and other relevant frameworks.
• Perform regular risk assessments, gap analysis, and audits across the regions, defining mitigation and improvement plans.
• Ensure that cybersecurity governance is embedded in OT operations and projects globally.
• Coordinate regional stakeholders to align compliance roadmaps, ensuring timely delivery of milestones and effective follow-up on action plans.

Projects and Architecture:

• Design and validate secure OT network architectures, including segmentation, zoning, secure remote access, and data flow control.
• Define functional and technical requirements for OT cybersecurity systems and oversee implementation according to best practices and EDP standards.
• Manage supplier evaluation, tender processes (RFI/RFP), and contract negotiations for OT cybersecurity solutions and services.
• Collaborate with Engineering, IT, and Operations teams to ensure Security by Design in new assets, systems, and upgrades.
• Plan, coordinate, and monitor OT cybersecurity projects from inception to implementation, managing resources, schedules, and deliverables to ensure quality and alignment with business priorities.

Cybersecurity Operations and Incident Management:

• Lead the development and execution of OT-specific incident response plans and coordinate with global SOC and CERT teams.
• Support vulnerability management, intrusion detection, and forensic analysis within OT networks.
• Provide expert troubleshooting and root cause analysis for OT-related cybersecurity incidents.
• Ensure lessons learned and post-incident improvements are incorporated into standards and procedures.
• Coordinate cross-functional response teams during incidents and ensure effective communication and escalation management.

Training, Awareness, and Continuous Improvement:

• Promote cybersecurity awareness and capacity building for OT operations and maintenance teams.
• Lead periodic drills, workshops, and tabletop exercises to validate the OT incident response capability.
• Foster innovation by evaluating new technologies such as anomaly detection, zero-trust architectures, and secure cloud integration for OT environments.

Strategic Initiatives:

• Contribute to RGA's WS&S Cybersecurity Roadmap, ensuring OT initiatives are aligned with business objectives and regulatory requirements.
• Participate in global and regional working groups on compliance, risk management, and technology standardization.
• Support the rollout of global cybersecurity programs such as IDS and PAM systems, and new compliance-driven initiatives.
• Provide leadership and project governance in multi-region OT security programs, ensuring alignment with the corporate cybersecurity strategy.

Employment type: Full-Time

Work site: Hybrid

Work Place: Porto

What are we looking for:

• University degree in Electrical, Electronic, Automation, Energy or Telecommunications Engineering, or another relevant technical field.
• Complementary education in Cybersecurity or Technology Risk Management is a plus.
• Proven experience in Operational Technology (OT) security, with strong understanding of international cybersecurity frameworks and standards, such as:
• IEC 62443 – Industrial Control Systems (ICS) and OT security.
• ISO/IEC 27001 – Information Security Management Systems.
• Knowledge of NIST 800-82, NERC-CIP, GridCode Cybersecurity, or equivalent frameworks is highly valued.
• Professional certifications in technical or governance domains (e.g., GICSP, CISSP, CISM, ISO 27001 Lead Implementer) will be considered an advantage.
• English: fluent (mandatory); Portuguese: fluent (mandatory) and Spanish: highly valued.
• Proven experience in OT environments, including SCADA, DCS, PLC, EMS, and industrial networks.
• Previous involvement in energy or industrial infrastructure projects (renewable energy preferred, but not mandatory).
• Hands-on experience in OT cybersecurity, network segmentation, and regulatory compliance.
• Experience working on or supporting international OT security programs across multiple regions.
• Demonstrated experience in coordinating and managing cybersecurity projects, including budget control, stakeholder management, and progress reporting.
• Strong knowledge of industrial communication protocols (IEC-60870-5-101/104, Modbus, DNP3, OPC-UA, IEC-61850).
• Solid understanding of industrial networking (firewalls, routing, VLANs, VPNs, DMZs, NAT, IDS/IPS).
• Proficiency in cybersecurity standards: IEC 62443, NIST 800-82, ISO 27001, NERC-CIP, GridCode Cybersecurity.
• Experience with vulnerability management, asset inventory, and incident response in OT environments.
• Understanding of SOCs, SIEM, and threat intelligence applied to OT.
• Excellent communication and collaboration skills in multicultural environments.
• Strategic and analytical mindset with a focus on problem-solving.
• Demonstrated experience in coordinating and managing cybersecurity projects, including budget control, stakeholder management, and progress reporting.
• Ability to influence and coordinate across multidisciplinary global teams.
• Strong sense of ownership, accountability, and adaptability to changing business and regulatory demands.
• Commitment to continuous improvement and operational excellence.

More than academic knowledge and technical skills, we are looking for ambitious people who are enthusiastic about the future and who bring human skills aligned with our purpose.

Equal opportunities for all

Our vision is that each person combines their unique characteristics and experiences to fulfill our mission of creating new energy for the planet. We are an inclusive employer, ensuring all candidates are treated fairly throughout the recruitment process. We welcome and value all people, and we are committed to fostering a sense of belonging for each person who is part of the EDP group.

Need more reasonsto apply?

As a top employer we:

• Empower our employees through a positive and innovative work environment that promotes collaboration and agile decision-making;
• Respect and value each person, providing a flexible, healthy, and inclusive workplace with a range of attractive benefits;
• Provide a meaningful work experience and prepare our people for future challenges through different opportunities for development and internal mobility;

Our efforts have resulted in several distinctions over time, highlighting the EDP group's strong positioning and its dedication and commitment to attracting and retaining the best talent:

• Top employer certification by Top Employers Institute
• Part of the Bloomberg Gender-Equality Index
• Global certification as a family-responsible company by Fundación Másfamília
• Top 100 Workplaces by Houston Chronicle

Discover our tips to enhance your performance during the recruitment process and apply until 29/01/2026 if you think you are the right fit for this opportunity.