Cyber Security Engineer

Job Title: Cyber Security Engineer
Contract Type: Permanent
Location: Staffordshire, England
Salary: Negotiable
Reference: J909023_1626164272
Contact Name: Ben Evans
Contact Email:
Job Published: July 13, 2021 09:17

Job Description

Cyber Security Specialist - Incident Response

We currently have a requirement for a Cyber Security Engineer with particular experience of enterprise Business Continuity Planning within the Energy Sector

The successful candidate will report to the Cyber Security Solutions Manager and support our Client in professional service delivery, undertaking activities to meet the business needs including:

* Creation of Business Impact Analysis within OT environment that align continuity model to the business objectives in the face of the ever changing risk landscape
* Review industry specific threats and risks
* Review and creation of Incident Response, Disaster Recovery and broader Business Continuity plans, playbooks, and supporting documentation and materials
* Create and lead a test regime with realistic scenarios which can include oral walkthrough, table top exercise or simulated production environment; based upon experience, case studies provided by NCSC and CISA, or contemporary threat intelligence
* Ability to identify and address supply chain/third party cybersecurity risks and dependencies
* Solve complex operational security problems facing Industry and Critical National Infrastructure
* Assess the security architectures, technologies, and procedures in use at customer locations using remote tooling and by undertaking onsite work
* Able to manage mitigation activities having created remediation action plans, ensuring activities remain aligned with strategic priorities and consistent with current threat and risk assessments
* Conduct vulnerability assessments and administrative audits on client computer systems and network devices in order to comply with NIST 800-53/800-82, ISO 27000 series, IEC 62433, HSE OG-86, and NIS-D frameworks

Requirements (Essential):

* Educated to degree level (or equivalent experience)
* 3 years of relevant Incident Response experience
* Will hold (or working towards) one or more of the following qualifications: CSTM/CSTL, QSTM/SST, ECSA, OSCP
* Solid understanding of the Cyber Security market and industry with exposure to include Energy, Chemical, Utilities, Oil & Gas industries
* Evidence of undertaking Business Continuity Planning engagements assessing compliance against standards, regulations, and frameworks such as NIST SP 800-34 & 61, ISO 22301, CPNI SICS, etc.
* Evidence of reviewing Incident Response plans, escalation and activation including the functional assessment of resources (people and assets) and ability to respond to likely threats/events, review of operational teams/SOC, and review of previous security events and lessons learned -> root cause analysis
* Experience completing system assessments and security audits based on technical security frameworks such as NIST 800-53/800-82, ISO 27000 series, IEC 62433, HSE OG-86, NIS-D, etc.
* Has knowledge of system architectures including Windows/*nix server and client platforms, Virtualisation, Networking, Wireless technologies, and security products (firewalls, IDS/IPS, sheepdip, vulnerability scanners etc)
* Experience securing cross-domain IT/OT communications and interfaces
* Ability to build and maintain strong relationships with internal and external customers and key business stakeholders
* A drive for outstanding customer service and high-performance culture
* Able to clearly and confidently communicate ideas, present, and explain technical knowledge to management and other internal/external stakeholders
* Ability to apply practical and pragmatic understanding of service delivery, exceeding the customer's expectations
* The ability to research novel ideas/products to identify suitability for a solution
* A team player who has drive and tenacity with a willingness to learn
* Always follows best health & safety practices on customer sites
* Can successfully complete all assigned tasks to plan and in line with company procedures and standards
* Full UK driving licence and must be prepared to travel to client sites when required
* Able to achieve and maintain SC clearance

Requirements (Desirable):

* Qualifications: GICSP and other OT security certifications

Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Russell Taylor will be acting within your interest and will contact you in relation to the role, either by email, phone or text message. For more information see our Privacy Policy h t t p s : / / w w w . r u s s e l l - t a y l o r . c o . u k / p r i v a c y - p o l i c y on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or the GDPR please contact us on h r @ r u s s e l l - t a y l o r . c o . u k