Bilfinger UK is a leading engineering and maintenance provider, supporting customers across the chemical & petrochemical, nuclear, oil & gas, pharmaceuticals & biopharma, power & energy, utilities, renewables and food & beverage markets. We enhance the efficiency of assets, ensuring a high level of availability and reducing maintenance costs.
Role:
The OT Cyber Security Systems Engineer will take full responsibility for the successful delivery of cyber security and industrial networking aspects of the project (technical, quality, time and cost elements).
The Engineer should work co-operatively with the Project Manager, Lead Engineers and engineering team to ensure smooth project progress in accordance with the agreed project lifecycle.
Key Responsibilities:
Working closely and collaboratively with the Project Manager, Lead Engineers and project engineering team you will:
* Be responsible for technical delivery of the OT network management system and cyber security controls for the project.
* Design, implement and test secure systems and networks for an industrial control system.
* Produce clear technical documentation, including design specifications, test procedures and operating and maintenance documentation, taking ownership of and updating existing documentation.
* Deploy and test networks and cyber security controls for a PLC and SCADA environment.
* Conduct system integration and factory acceptance testing (FAT).
* Support OT Cyber Security project lifecycle management activities including vulnerability identification, patching, software and password management.
* Collaborate effectively with and support the Project Manager, Lead Engineers and project engineering team with the planning and execution of OT cyber security aspects of projects to ensure they meet the time and quality required with clear reporting on progress and blockers.
* Provide health and safety leadership by example.
Essential Skills & Experience:
* Proven experience of design, implementation and testing of OT/ICS networks and cyber security solutions within industrial environments.
* Detailed experience of the full project life cycle from system specification through design, development, testing.
o System security - Hardening of virtual environments and operating systems to recognised industry standards, guidelines and best practices.
o Network security – Secure deployment and hardening of network infrastructure including segmentation and boundary protection through managed switches and firewalls, and passive Network Intrusion Detection Systems (NIDS).
* Hands on experience of:
o Network design and implementation using Rockwell Automation or Cisco industrial portfolio of managed network switch products.
o Firewall design and implementation using Cisco Firepower technology.
o Network synchronisation, including dedicated time appliances and NTP
* Understanding of the OSI and TCP/IP Models in theory and application, with strong applied knowledge of industrial network protocols (including EtherNet/IP, with CIP Security beneficial)
* Experience of working within a Quality Management System (QMS), delivering well described outputs with traceability through project lifecycle
Desirable Skills & Experience:
* Cyber security applications for industrial control system environments:
o Malware detection and protection i.e. Endpoint Detection and Response (EDR).
o Network Intrusion Detection (IDS).
o Network monitoring.
* Hands on experience of:
o SolarWinds monitoring system including:
+ Network Performance Monitor.
+ Network Traffic Analyser.
+ Software Application Manager.
+ Log Analyser.
o Host-based Intrusion Detection Systems (HIDS) and Host-based Intrusion Prevention Systems (HIPS) using Trellix Endpoint Security (ENS)
o Definition and implementation of Microsoft Active Directory, including GPO’s in a Windows Operating Systems environment.
o VMWare ESXi including configuration and environment security.
o Network Attached Storage (NAS) systems using Synology hardware
* Technical knowledge of a variety of control system Original Equipment Manufacturers (OEMs) e.g. AVEVA, Rockwell Automation etc.
* Experience working in or for System Integrator, Operators of Essential Services (OES) or Critical National Infrastructure (CNI) organisations
* Familiarity with cyber security standards and frameworks relevant to OT.
* Experience mentoring junior staff members including apprentices
Qualifications:
* Professionally registered engineer or working towards professional registration
* Relevant OT cyber security certification e.g.:
o ISA/IEC Cyber Security Expert
o Global Information Assurance Certification (GIAC) Global Industrial Cyber Security Professional Certification (GISCP)
o CCNA, CCNP etc.
If you wish to speak to a member of the recruitment team, please contact .