Senior OT Cyber Security EngineerBilfinger LTM • Chesterfield, England, United Kingdom
This job offer is no longer available
Senior OT Cyber Security Engineer
Bilfinger LTM
- Chesterfield, England, United Kingdom
- Chesterfield, England, United Kingdom
About
Bilfinger UK is a leading engineering and maintenance provider supporting customers across the chemical & petrochemical, nuclear, oil & gas, pharmaceuticals, biopharma, power & energy, utilities, renewables and food & beverage markets. We enhance the efficiency of assets, ensuring a high level of availability and reducing maintenance costs.
We have extensive experience in offshore and onshore facilities; specialising in asset management services throughout all life‑cycle phases from consulting, engineering, manufacturing, assembly, operations, maintenance and decommissioning.
This commitment is delivered by an experienced and highly competent workforce of over 4,500 employees operating from 14 offices in strategic industrial hubs, upholding the highest standards of safety, compliance and quality.
Role As part of our continued growth in OT Cyber Security we are looking for an experienced, committed and enthusiastic OT Cyber Security Engineer to join our Automation team. The OT Cyber Security Engineer will :
Lead OT cyber security project lifecycle activities to deliver secure‑by‑design Industrial Automation and Control Systems (IACS)
Be responsible for delivering OT cyber security consultancy services
Manage continuous improvement of Bilfinger UK’s OT Cyber Security Management System (CSMS)
The OT Cyber Security Engineer will take full responsibility for the successful delivery of cyber security projects (technical quality, time and cost elements).
The ideal candidate will demonstrate a growth mindset, bring innovative and bleeding‑edge solutions to address complex challenges and have the ability to develop new ideas, processes and systems in an evolving OT cyber‑security landscape.
Key Activities Working co‑operatively with the OT Cyber Security Manager, Technical Managers, Project Managers and engineering teams across a variety of Automation projects you will :
Lead OT cyber security project lifecycle activities to deliver secure‑by‑design IACS:
Facilitate and conduct ISAbased cyber security risk assessments to define risk‑based OT cyber security requirements
Create defence‑in‑depth segmented system architectures
Develop secure‑by‑design IACS to meet client requirements, including documenting OT cyber security requirements and specifications
Implement OT cyber security controls and countermeasures including:
Hardening of BIOS / UEFI virtual environments and operating systems to recognised industry standards, guidelines and best practices
Network security, including segmentation and boundary protection through managed switches, firewalls and remote access solutions (e.g. Stratix, Fortinet, etc.)
Cyber security applications for industrial control system environments:
Host Intrusion Detection (HIDS)
Malware detection and protection (Endpoint Detection and Response – EDR)
Network Intrusion Detection (IDS)
Network monitoring
Security Information and Event Management (SIEM)
Support Project Managers with the planning and execution of OT cyber security aspects of projects to ensure they meet the required time, cost and quality objectives
Responsible for delivering OT cyber security consultancy services by:
Conducting OT cyber security gap assessments of procedural and technological controls against relevant frameworks and standards (e.g. NCSC CAF, ISA/IEC 62443 suite)
Carrying out a wide variety of site and desktop‑based vulnerability assessments on clients’ brown‑field IACS
Supporting clients in the creation and development of their own CSMS artefacts (policies, procedures, guidelines, specifications, work instructions, etc.)
Managing continuous improvement of Bilfinger UK’s OT Cyber Security Management System
Supporting further development of cyber security documentation (policies, procedures, specifications)
Ensuring policies, procedures and specifications are followed on projects by providing OT cyber security technical supervision and quality assurance (e.g. design reviews, informal audits, etc.)
Promoting and maintaining a high level of security hygiene within Bilfinger UK’s Automation department
Promoting and facilitating OT cyber security knowledge sharing and learning (e.g. internal training, lunch‑and‑learns, standardisation best practices, etc.)
Attending and representing Bilfinger UK at industry OT cyber security groups and events
Contributing to the continuous professional development of the team by providing technical leadership and mentoring of junior engineers
Supporting the Business Development team on opportunities (client meetings, presentations/demonstrations, solutions optioneering, etc.)
Supporting the Proposals team on technical solutions, optioneering, bid production and technical review of bids
Helping develop and foster relationships and partnerships with control system OEM/vendor OT cyber security teams and OT cyber security solution providers
Providing health and safety leadership by example
Skills & Experience
At least 5 years of practical engineering experience in the application of OT cyber security to PLC, DCS, RTU, SCADA and HMI systems in at least one of Bilfinger UK’s key sectors
Experience of design, specification, implementation, testing and commissioning of security solutions, controls and countermeasures for OT/IACS environments. This should include:
Hardening of BIOS/UEFI virtual environments and operating systems to recognised industry standards, guidelines and best practices
Network security, including segmentation and boundary protection through managed switches, firewalls and remote access solutions (e.g. Stratix, Fortinet, etc.)
Cyber security applications for industrial control system environments:
Host Intrusion Detection (HIDS)
Malware detection and protection (Endpoint Detection and Response – EDR)
Network Intrusion Detection (IDS)
Network monitoring
Security Information and Event Management (SIEM)
Practitioner of the ISA/IEC 62443 suite of standards with particular focus on 3‑3
Experience working in or for System Integrator Operators of Essential Services (OES) or Critical National Infrastructure (CNI) organisations
Broad technical knowledge of a variety of control system OEMs (e.g. AVEVA, Rockwell Automation, Siemens, Schneider, etc.)
Experience of industrial networking protocols (e.g. CIP, DNP3, Modbus, PROFINET, IEC 61850, PRP, REP)
Experience of working within and supporting the continuous improvement of a Quality Management System (QMS)
Qualifications
A degree or HND/HNC in Electronic/Electrical Engineering, Computer Science or another relevant engineering discipline
Professionally registered engineer or working towards professional registration
Relevant OT cyber security certifications, e.g.
ISA/IEC 62443 Cyber Security Expert
GIAC Global Industrial Cyber Security Professional (GISCP)
If you wish to speak to a member of the recruitment team please contact .
#J-18808-Ljbffr
Languages
- English
Notice for Users
This job was posted by one of our partners. You can view the original job source here.