Cyber Security Engineer

North Lanarkshire
30 Apr 2021
28 May 2021
Job Type
Cyber Security
Employer Sector
Technology, ICT & Telecoms
Contract Type
Full Time
Our client a leading Energy company are seeking an experienced Cyber Security Engineer for an on-going contract role based in Glasgow City Centre. Working from home initially, with a view to have a presence in City Centre HQ moving forward.

With the focus on Cyber Security there is a need for a Cyber Security Engineer within SP Renewables in order to act as a focal point for both Business as Usual (BAU) and support Project activity where required. The role will encompass Cyber Security in both Informational and Operational Technologies (IT & OT).

To identify and manage the security risks to information and operational assets supporting key business processes.

To define security requirements for these assets and apply to key business processes, communications systems, architecture and design.

To design, implement and manage systems and procedures to ensure compliance with group\ local and business information security policies.

To support coordination and sharing of best practise with other SP businesses and Corporate Cyber Security governance group.

To perform and support systems activities for BAU Operations.

The post holder, working under direction, will form part of the SPR Operations team and be responsible for developing, and implementing the Cyber Security policies in place for ScottishPower Renewables.

Primary responsibilities of the role include:

Develop, implement and manage a local asset inventory of SCADA devices and other Cyber assets within the SPR portfolio of windfarms and other SPR locations.
Develop, implement and manage endpoint protection across SCADA systems.
Perform reviews of access control to SCADA networks as per local Cyber policies.
Facilitate resilience testing for IT/OT systems as per local Cyber policies.
Facilitate penetration testing of SCADA assets as per local Cyber policies.
Manage and review IT/OT vulnerabilities.
Manage, review and optimise firewall rules.
Manage, update and act as liaison for security monitoring systems.
Perform systems activities including procurement, installation, configuration and support for BAU Operations.
Develop, implement and manage the SPR Asset Change Management process for SCADA devices and other Cyber assets ensuring all changes are registered and approved in compliance with the local Cyber policies.
Provide security advice, in collaboration with Corporate Cyber Security, and support to management, BAU and projects to comply with both global and local requirements and obligations.
Maintain and communicate relevant local security procedures aligned with necessary Cyber Security rules, processes, procedures and standards.
Perform risk analysis to ensure that appropriate security controls are in place and highlight any deficiencies and gaps for management consideration.
Where required, propose solutions and coordinate delivery of mitigating actions to ensure risk levels are aligned with risk appetite.
Perform compliance checks to ensure Cyber Security controls are operating as designed.
Work closely with other areas of the Group (Iberdrola, SP Businesses) to exchange best practise.
Identify opportunities to enhance the business security incident response processes, tools and procedures.
In conjunction with the Corporate Cyber Security team collaborate to produce \ deploy Cyber Security awareness training and material across SPR as required.
In collaboration with Corporate Cyber Security participate and support security related investigations and reporting and
Operate collaboratively with the wider Corporate Cyber Security team as required to deliver the required solutions.

Educated to degree level in a business discipline or equivalent experience.
Strong understanding \ experience of Cyber Security concepts.
Understanding \ experience of SCADA control concepts.
Excellent communication and documentation skills.
Strong analytical, influencing and interpersonal skill, with proven ability to communicate effectively at all levels.
Ability to operate and engage at all levels in the organisation.
Knowledge and awareness of security standards including ISO 27000 series and ISA/IEC 62443 series.
Proficient with Microsoft Office products.
Analytical, logical and strategic skills.
Procedural development experience.
Ability to work on own initiative.
Efficiency orientated and
Customer focussed.

Desirable experience
Cyber Security professional or similar qualification and
Good knowledge of SP Renewables business functions, processes and interactions
Good knowledge of Operational Technology / SCADA

contact details

(phone number removed)