Cyber Security Engineer (Controls)

Job Title: OT Cybersecurity Senior Professional

Position Description
The Generation Engineering Department in Engineering and Major Projects is the Centre of Engineering for generation businesses and provides consultancy services in generation technology for the generation business. This includes optimising the long-term performance of the Generation Assets through process performance optimisation and portfolio long-term asset management, as well as continuously driving improvements in overhaul management, safety, technical and engineering standards, and the delivery of new power plant projects. To enable and support this, we currently have an opportunity for an OT Cybersecurity Senior Professional to join our Generation Engineering team. The successful candidate will report to the OT Cybersecurity Lead and support in the delivery of Generation projects such as the development of new build zero and low carbon generation assets and renewal of existing assets within our plant portfolio and for international client

Looking for a New Challenge?
The OT Cybersecurity Senior Professional is part of the C&I Team and will report to the OT Cybersecurity Team Lead. The purpose of the role is to support maintaining a strong cyber security posture across the Generation portfolio. It will cover a range of activities in alignment with the generation cybersecurity operating model, the cybersecurity plan, assisting in the assessment, audit, and review process, and existing or emerging vulnerabilities and threats that could impact the Operational Technology environment in the generation business.

Key Responsibilities
Working across diverse types of generation assets and technologies your responsibilities will include, but are not limited to the following: Review and stay current on NIS Directive regulations and industry cybersecurity trends. Conduct and help identify potential NIS Directive compliance gaps in our industrial control systems, SCADA, DCS, SIS, PLC, and NMS Operational Technology systems and establish mitigation plans. Conduct cybersecurity risk assessments and vulnerability assessments of OT systems and networks including review of TVM alerts relevant to installed OT assets, impact, and criticality. Collaborate with internal teams and suppliers for the design and deployment of security controls and technologies to safeguard OT assets, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools. Manage tools like Active Directory, SIEM, Firewall, IDS,Antivirus, Backup etc. Stay up to date on emerging threats, vulnerabilities, and technologies in OT cybersecurity and recommend proactive measures to mitigate risks. Conduct regular security assessments and audits of OT systems to ensure compliance with security policies and regulatory requirements. Collaborate with IT and OT teams to integrate cybersecurity measures into the design and implementation of new systems and technologies. Support Generation NIS Directive compliance work programme. Collaborate with broader Generation IT & CIO teams to embed new processes and procedures into Generation with appropriate governance e.g., NIST, CAF. Preparation of documentation in support of audits and compliance with Corporate and/or NIS Directive requirements. Aid interactions with internal audit and external regulatory bodies during audits or other required meetings.

Work closely with internal teams and vendors to complete reviews and implementation, vulnerability assessments, mitigations & other various cybersecurity-related activities as needed. Assist, support, and implement system upgrades including patches, Antivirus, GPO, User Management, security configurations etc. Support carrying out cyber security risk assessments for new or existing OT systems. Provide subject matter expertise in cybersecurity and help broaden the knowledge of other generation O&M teams. Make and Manage asset inventory for OT systems. Design, deploy, and manage the operation technology (OT) network infrastructure, including switches, routers, firewalls, and other network devices. Provide training and guidance to end-users on OT Cybersecurity, security protocols, and best practices. Support and development of OT cyber security awareness initiatives. Assessing the feasibility of OT Cybersecurity projects and providing options and solutions in line with project business cases and risk assessments. Provide support to the Operations Technology Cybersecurity Lead. Work with Engineering architects to define appropriate standards and ensure adherence. Promoting and leading the safety management culture across all activities by taking ownership and demonstrating a visible commitment to safety in all works/project stages and ensuring compliance with organisational quality procedures. Support Generation OT cyber security improvement planning and lead projects to deliver improvement.Support all Generation projects to ensure implementation of security by design. Work with central Cybersecurity SOC and other cybersecurity operations specialists in relation to security issues, initiatives, threats, and incidents as required.

Experience
Working as part of this dynamic team, you will always have new challenges and new problems to solve working together is key. You will have the autonomy to choose how best to tackle tasks and solve problems with the support of your colleagues.

Essential
Have a minimum of 5 years of relevant working experience in the generation sector or a comparable industry in OT Cybersecurity. Proven experience in cybersecurity roles, with specific expertise in OT/ICS security. In-depth knowledge of industrial control systems, SCADA, DCS, SIS, PLC, and other OT technologies and communication protocols. Familiarity with cybersecurity frameworks such as the ISO 27001, NIST Cybersecurity Framework, Cyber Assessment Framework, and IEC/ISA 62443. Hands-on experience with tools for Active Directory, SIEM, Firewall, IDS,Antivirus, Backup etc. Demonstrated internal and external stakeholder management and project/scope coordination involving multiple stakeholders, contractors or third parties. Self-motivated individual with the drive to professionally develop self and others and share knowledge and competencies within a team structure. Strong analytical and problem-solving skills, with the ability to assess complex systems and identify security risks. Ability to work independently and in a team environment to pinpoint root causes and devise solutions with minimal oversight. Well-versed with Health, Safety and Environment Standards and procedures, including Risk Assessment and Method Statement. Full clean driving license and flexibility to travel nationally and internationally.

Desirable Experience in developing security policies, standards, and procedures. Familiarity with threat intelligence, vulnerability assessment, Identity management, and incident response. Qualifications Essential The candidate will hold a 3rd-level qualification or equivalent in engineering or equivalent with experience in OT and C&I technologies, projects and practices. Desirable Preferable certifications in ISA 62443 Expert, CCNP, ICS-CERT, or SANS etc. OEM Certified training on the control systems and safety systems. Demonstrated active engagement with engineering institutions or professional societies for embedding good engineering and industrial cybersecurity practice in projects and work practices