St1 Oy

Energy + 3 more

OT Cybersecurity Engineer

Job details

Contract Type

Full time, Permanent

Education

Bachelor's degree

Work experience

7 years

Language skills

English, Finnish, Swedish

Description

St1 is an energy transition company with the vision to be the leading producer and seller of CO₂-aware energy. St1 operates in Finland, Sweden, Norway, and the United Kingdom. Our portfolio encompasses oil products, biogas, Sustainable Aviation Fuel (SAF), renewable diesel (HVO) and solar power. St1 has 1,150 retail stations across Finland, Sweden and Norway. Together, we’re more than 1,000 curious, committed and caring people here to change the game. Ready to challenge the ordinary with us?



About the Role
St1 is on a mission to be the leading producer and seller of CO2-aware energy. Behind that mission sits real, physical infrastructure: the Gothenburg refinery, fuel terminals, marine bases and depots, a growing retail estate that runs everything from car-wash systems to energy distribution, and UK biofuel operations feeding our Gothenburg biorefinery. All of it depends on Operational Technology, and all of it has to be secure.


We are looking for an OT Cybersecurity Engineer to take ownership of cybersecurity across this OT estate. This is a role for someone who is equally at home writing a security standard and sitting at a terminal working through network segmentation, firewall rules, and monitoring coverage. You understand that OT is not IT: long lifecycles, availability comes first, patching windows are scarce, and a security decision can have safety and environmental consequences.

Your first mission is clear. You will implement our Cybersecurity Management System (CSMS) across the OT estate, starting with the correct, site-by-site rollout of our Terminal Cybersecurity Architecture. From there, you scale a consistent OT cybersecurity approach across the wider multi-site footprint.


How you’ll help drive the change
Joining St1, you’ll be part of running and developing a profitable business that invests in long-term energy solutions. Together we achieve the extraordinary through everyday work. As an OT Cybersecurity Engineer, you’ll play a key role in…


• Driving the correct, site-by-site rollout of our OT cybersecurity architecture.

• Setting and maintaining OT security standards aligned to ISO/IEC 27001, IEC 62443, the CIS 18 Controls, and NIS2 obligations in Finland and Sweden.

• Working hands-on across the IT infrastructure that supports OT and across OT systems themselves, to the level needed to specify and validate controls, not to run the plant.

• Guiding and, where needed, firmly challenging OT vendors on cybersecurity.

• Being the trusted OT security advisor to our CISO, site teams, refinery, and retail operations across the Nordics.


What you bring to the team

We’re looking for a colleague with the drive to challenge, collaborate and grow. To thrive in this role, you likely have:

• A proven track record implementing OT cybersecurity, at least at large production-site level, and multi-site experience is a real plus.

• A genuine mix of governance and technical skill.

• Strong knowledge of OT-specific constraints and how they differ from IT security.

• The confidence to challenge vendors and the credibility to make it stick.

• CISSP or equivalent certification.

• Fluent English (mandatory); Finnish, Swedish, or Norwegian is preferred.

• A proactive, can-do mindset and the appetite to work in a lean, fast-moving organisation where you build the structure rather than inherit it.

• Willingness to travel across the Nordics and the UK.

You are comfortable setting direction and standards, then rolling up sleeves to make them real on site. You create structure where sometimes none exists, challenge vendors and assumptions constructively, and prioritize resilience and availability over theoretical completeness.


Who are we looking for
We are looking for your passion, skills and drive. We're looking for those who recognize the St1 Spirit in themselves: Curious, Commercial, Committed and Caring. This Spirit shows up in daily actions: creating a space where it is safe to be yourself and raise problems early, following through when delivery gets tough, thinking end-to-end rather than in silos, and learning faster than the environment changes. Let us know what you can and want to do.


Why Join St1?


  • A high-impact role at the centre of critical energy infrastructure and the energy transition.
  • Full ownership to shape and mature OT security across St1.
  • Backed by a strong CISO function and 24/7 SOC/NOC partners.
  • Security work that protects people, safety, and the environment.
  • A talented Nordic technology organisation built on trust, freedom, and responsibility


How we support your journey

At St1, your safety and wellbeing come first. We offer an open and inclusive workplace where you’re respected and trusted to take initiative. In a hands-on, informal culture — and a business that never stands still — there’s room to explore ideas and take on new challenges. We support your journey through learning and opportunities to grow across teams and countries.

You’ll have real ownership of cybersecurity across our operational technology estate, working with a wide range of teams; backed by competitive pay, a bonus scheme and genuine opportunities to grow your career.


If you’d like to explore more about our culture, visit our career site.


What to expect after you apply


We welcome applicants from all backgrounds and are committed to an inclusive and equitable recruitment process.

Interested? Send us your CV and cover letter via the Barona Career site no later than Thursday, 14 August 2026. For more information, please reach out to us during the August calling times: Tuesday, 4 of August or Thursday, 6 August 2026 between noon and 2 pm.

Contact person is Barona’s Recruitment Team Lead Lassi Jyrinsalo at +358 40 762 8992 or via email at [email protected].

Let’s challenge the ordinary