Cyber Security Engineer

Posted 22 February 2023
Salary £550 - £600 per day
LocationLeeds
Job type Contract
ReferenceBBBH80565_1677073187
Contact NameEmma Stewart

Job description

Cyber Security Engineer - Thermal Energy
Start Date: ASAP
Duration: 12 Month Contract
Location: Hybrid / Leeds
Rate: £600 per day
Engagement Method: Inside IR35

The role will focus on the assessment and control of cyber security risks to ensure Thermal Energy's ongoing compliance to regulatory obligations as an operator of an essential service under the Network and Information Systems Directive/Regulations. You will contribute to the delivery of the Thermal cyber resilience plan into the Thermal operational fleet.

Key Accountabilities

  • Working with Thermal sites to develop and maintain their cyber risk registers

  • Engage with Thermal risk management process to ensure risks are communicated consistently and understood by the risk owners for reporting requirements.

  • Delivery of the risk assessment process, enabling Thermal Operational Technology risks to be fully understood.

  • Responsible for implementing and managing individual aspects of the Thermal OT cyber resilience plan to mitigate business risk and track progression on UK Cyber Assurance Framework (UK), NIST CSF (ROI) and OG86 (UK - HSE), in line with regulation.

  • Develop improvement action plans with the business

  • Produce reports and present updates on compliance and improvement planning for regulators


Key Skills

  • Knowledge and experience of implementing NIST framework (800-53) including 800-82 overlay, HSE Operational Guidance OG 86, IEC 62443 and the NIS Directive/Regulations and other information privacy legislation.

  • Knowledge and experience of UK Cyber assessment framework (UKCAF), authoring and linking internal procedural cyber security governance, and implementation of technical security controls that can surround industrial environments.

  • Knowledge and understanding of working with and application of risk management frameworks

  • Experience of running OT security risk assessments and building a remediation strategy in an industrial control system environment.