OT & Cybersecurity Engineer

Title:	“Senior” - based on years of experience
Location:	New Delhi, India
Reports to:	Head of IT
Leadership responsibility:	No direct reports anticipated

Based in ASE's New Delhi office and working closely with teams across Europe, this role is primarily responsible for cybersecurity across ASE's IT and Operational Technology (OT) environments, with a particular focus on protecting the company's Solar/BESS physical assets and associated SCADA infrastructure. The individual will also provide secondary support to the broader IT team - covering colleagues during absences and assisting with general IT operations - but the defining purpose of this position is security and OT integrity.

Please note this role requires willingness to provide out-of-hours coverage for cybersecurity incident management when needed.

Job Responsibilities:

1. Cybersecurity

Lead and own all cybersecurity requirements across ASE's IT and OT environments, including:

• Daily security and threat monitoring, investigation, and incident response
• Vulnerability management across all systems and environments
• Firewall, network, Bastion, and overall security architecture management
• Azure cybersecurity management (Bastion and related services)
• M365 security policy management
• Email security — Exchange, Mimecast, mail flow, and web filtering policies
• Conditional Access and certificate lifecycle management
• Patch management across IT and OT systems
• Change Advisory Board management
• SOC setup, rule-setting, maintenance, and monitoring (NIS2 requirement)
• NIS2 and ISO 27001 compliance — implementation, maintenance, and reporting
• Business Continuity, Disaster Recovery, and Incident Response planning
• Cyber insurance standards compliance
• Security awareness — training programmes, phishing simulations, and security newsletters
• Incident management end-to-end: detection, resolution, reporting (internal and to Compliance), and mitigation
• Stay current on European and UK cybersecurity regulations, working closely with the Compliance Manager
• Monthly and quarterly security reporting

2. Operational Technology (OT)

• End-to-end SCADA-related architecture management: sensors, inverters/WMS, data loggers, PLC/RTU, SCADA, on-prem/cloud servers
• OT network security: OpenVPN, routers, SIM/landline connectivity, redundancy strategies, and resilience
• Data Logger and SCADA system management
• Database management within the OT environment
• Server management for OT systems
• Identify and prevent data gaps caused by network, firmware, or logger issues, providing technical support to NL/UK/DE sites as required
• OT data governance and cybersecurity: secure credentials, API keys, and server access

3. IT Support (Secondary Function)

In support of the wider IT team, the role will also cover:

• M365 environment: user and licence management, on/offboarding, guest accounts, data storage and governance (SharePoint, GDPR, ISO, NIS2)
• Azure environment: cloud administration, server/VM management, and VPN management
• Networking: architecture, firewalls, SFTP/SSH/VPN file transfers, and WiFi management
• Data backup monitoring and monthly testing
• Cover for Desktop Support (UK) during times of absence

This is not an exhaustive list of responsibilities for this role.

Minimum Requirements :

• Degree in a relevant IT or engineering field
• Minimum 8 years of IT experience, with at least 5 years focused on IT/OT environments and cybersecurity management
• Hands-on experience with:
• Cybersecurity in Microsoft 365 and Azure environments
• OT and SCADA experience in the renewable energy industry, particularly Solar/BESS — including inverters, PPCs, data loggers (e.g., Bluelogger), Kepware, and BESS EMS/BMS
• ISO 27001 — ISMS development, implementation, and ongoing maintenance
• AI-assisted cybersecurity tooling
• Networking fundamentals
• International environments, particularly Europe
• Strong communication skills, collaborative approach, and ability to work across European cultures
• SharePoint and NetSuite familiarity
• Fluency in written and spoken English

Nice to Have

• Knowledge of NIS2 (EU) and CSRB (UK) cybersecurity regimes
• German or Dutch language skills

Job Description Confidential - For Internal Use Only