JAB Recruitment are working with a large scale Aberdeen based operator for an Controls Systems IT Engineer.
The CS-IT is a cyber specialist responsible for protecting, monitoring, and improving cybersecurity in Operational Technology (OT) environments. Reporting to the CISO function, the CS-IT strengthens the security and resilience of OT from within the Information Security function. The role partners with Operations, Engineering, and vendors to protect industrial systems without owning or modifying control logic or instrumentation. The focus is on network security, monitoring, vulnerability management, incident response, and governance for IT assets residing on OT networks.
Key tasks / responsibilities
Design secure OT network architectures
• Develop OT baselines and hardening standards
• Review OT project designs for cybersecurity requirements
• Build in segmentation
Implement and manage OT security controls
• Manage OT firewalls
• IDS/IPS
• Deploy and manage monitoring tools
• MFA
• Access[CT1.1] Control
• Vulnerability management
• Embed cybersecurity into OT project delivery - controls, design, regulatory standards
• Govern third-party/vendor OT access
• Key participant in risk assessments
Maintain OT asset inventories
• Discover, log and maintain devices
• Maintain knowledge of vulnerabilities, patching & AV status, OS information etc.
Support OT incident response
• Work alongside partners - application & infrastructure support, SOC
Support compliance with standards
• IEC/ISA 62443, NIST 800-82, ISO 27001
Deliver OT security training
• Champion OT Security
• Build & present material to raise awareness
Skills, experience & attributes of candidate
• Bachelor’s in CS, InfoSec, Engineering, or equivalent experience
• 5+ years cybersecurity experience
• Experience with industrial protocols and OT networking
• Network security experience e.g. firewalls, VPN, VLANs
• Can demonstrate OT experience in live operational environments
• Experience integrating OT data into SIEM/SOAR
• Risk-based decision-making
• Strong cross-functional communication and stakeholder management
• Incident handling in OT environments
• Project execution and documentation
• Willingness to work offshore c.90 days per year (not fixed rotation)
• Microsoft Active Directory and Domain structures
• Advantageous
o Certifications: GICSP, CISSP, or equivalent qualification
o Existing certification for working offshore
o Experience with OT and major DCS/SCADA systems e.g. Honeywell, Yokogawa, Kongsberg
o Understanding of regulatory frameworks e.g. NIS2, Cyber Resilience Act
o 2+ years OT/ICS cybersecurity experience
o ICS/OT knowledge e.g. PLCs, SCADA, DCS, HMI