OT Cyber Security Engineer

Belcan is recruiting for an OT Security Engineer on a Permanent basis based from our South West London office.

This project is working within the Oil & Gas Industry.

You'll be joining a culture that values curiosity, expertise, and ideas as well as equal opportunities, inclusion, and authenticity.

Location: London / hybrid - with ad-hoc visits to Norway and Poland.

Job Purpose

As an OT Cyber Security Engineer you will be responsible for providing OT cyber security support and oversight for product development groups and industrial control system environments within our client's organisation. This includes defining, managing, and enforcing IACS security controls, processes and procedures. Rely on experience in both information security and automation technologies focusing on industrial controls systems. Additional responsibilities include serving as a member of the IACS Cyber security team, the information and digital services team, working closely with sites, services, technical teams and product groups to ensure that security requirements and support are provided.

Job Description

• Provide secure design, development, and architecture requirements for Industrial Control Systems (ICS) environments and information and digital systems as they relate to ICS and automation.
• Provide support to write, review, and maintain documents, policies, and standards governing the cyber security requirements for the ICS environment.
• Provide secure architecture requirements for lab and development networks.
• Perform security reviews and assessments of systems, networks, and processes/procedures in ICS environments.
• Assist with testing, selection and implementation of security technologies in ICS environments.
• Provide support for projects and initiatives that enables sites to accomplish project goals in a secure manner.
• Provide support for management and remediation of vulnerabilities identified in ICS environments.
• Support on the development of cyber security technology implementation strategies for ICS environments with clear understanding of the differences between IT and OT environments.
• Support the execution of risk-based methodologies for cyber security assessments of ICS systems, including remote sites, onsite, third party, and on vessels.
• Support on the creation of technical design documentation and to write technical reports for both technical and management consumption and understanding.
• Follows the established metrics and key performance indicators to monitor the overall health and effectiveness of the ISC cyber security program.
• Stays informed about the latest cyber threats to the ICS environment including threats towards the organisation.
• Supports on the development of strategies and plans to mitigate emerging cyber threats.

Experience required for this role:

• Bachelor's degree or equivalent
• Strong technical ICS experience : ability to review configurations of ICS, identify best practices for backup and recovery of ICS, and understand industrial protocols.
• Good general technical knowledge: Applications technologies, networks, protocols, databases, operating systems (Windows/Linux)
• Understanding of Industrial Networks
• Experience using ICS software including:
  • Engineering Software
  • Version Management Software
  • HMI Software
  • OPC Software

• Working knowledge of networking concepts, ability to review network designs, and perform security assessments of network devices (e.g. switches, routers, firewalls).
• Cybersecurity certifications (e.g.: CISSP)
• ICS Security Certifications (SANS GICSP, ISA/IEC 62443 Risk Assessment Specialist)
• Experience implementing security controls, hardening, and technologies in automation systems and networks.
• Experience implementing vulnerability and patch management in ICS environments.
• Working knowledge of IACS Security standards.
• Willingness to travel to other client sites in Europe (5%).

This vacancy is being advertised by Belcan.