Cyber Security Engineer - Thermal Energy Start Date: ASAP Duration: 12 Month Contract Location: Hybrid / Leeds Rate: £600 per day Engagement Method: Inside IR35
The role will focus on the assessment and control of cyber security risks to ensure Thermal Energy's ongoing compliance to regulatory obligations as an operator of an essential service under the Network and Information Systems Directive/Regulations. You will contribute to the delivery of the Thermal cyber resilience plan into the Thermal operational fleet.
Key Accountabilities
Working with Thermal sites to develop and maintain their cyber risk registers
Engage with Thermal risk management process to ensure risks are communicated consistently and understood by the risk owners for reporting requirements.
Delivery of the risk assessment process, enabling Thermal Operational Technology risks to be fully understood.
Responsible for implementing and managing individual aspects of the Thermal OT cyber resilience plan to mitigate business risk and track progression on UK Cyber Assurance Framework (UK), NIST CSF (ROI) and OG86 (UK - HSE), in line with regulation.
Develop improvement action plans with the business
Produce reports and present updates on compliance and improvement planning for regulators
Key Skills
Knowledge and experience of implementing NIST framework (800-53) including 800-82 overlay, HSE Operational Guidance OG 86, IEC 62443 and the NIS Directive/Regulations and other information privacy legislation.
Knowledge and experience of UK Cyber assessment framework (UKCAF), authoring and linking internal procedural cyber security governance, and implementation of technical security controls that can surround industrial environments.
Knowledge and understanding of working with and application of risk management frameworks
Experience of running OT security risk assessments and building a remediation strategy in an industrial control system environment.
