Cyber Security Engineer

The Cyber Security Engineer holds the key responsibility of safeguarding the company's vital infrastructure, intellectual assets, and customer information from evolving cyber threats, ensuring uninterrupted operations. You will adopt a proactive stance in constructing, implementing, and managing our Cyber capabilities to bolster our defences, utilising innovative and state-of-the-art cyber technologies. As a Cyber Security Engineer, you will be managing cyber threats, detecting and preventing real-time attacks promptly, and swiftly addressing them, integrated with advanced artificial intelligence and machine learning. Moreover, you will harness Cyber DevOps automations to expedite deployment and mitigate threats rapidly, guaranteeing the resilience of our Operational Technology (OT), IT, and digital infrastructure amidst emerging challenges. It will be your responsibility and duty to establish and enforce the Cyber framework and Security compliance policies company-wide, including the formulation of robust Business continuity plans, disaster recovery strategies, and critical management protocols to ensure operational resilience in the face of cyber threats and other emergencies.

Key Responsibilities:

• Technical: Extensive background in Cyber Security engineering and implementation with a comprehensive understanding of both Operational Technology (OT) and Information Technology (IT) services. Proficient in Cyber Security practices for safeguarding IT, OT, and intellectual property networks, including expertise in IPSec VPNs, Firewalls, SIEM, IPS/IDS, AV/EDR solutions, LDAP/AD, etc. Advanced knowledge in Privileged Access Management (PAM) and associated tools. High proficiency in Vulnerability and Compliance Management, as well as DDOS protection. Hands-on experience in engineering Cyber Security solutions for cloud platforms (e.g., AWS, Azure) utilising open-source tools, DevOps, and automation (e.g., Zabbix, ELK, Grafana, Netbox, Netmiko, Ansible, Alienvault, OpenVas, etc.). Professional-level understanding of public cloud security services and architectures, with desirable expertise in Private Clouds.
• Non-Technical: Effective collaboration skills to drive key security objectives forward. Strong communication abilities, encompassing technical and business-oriented presentation and documentation writing. Aptitude for self-directed learning as necessitated by business requirements. Demonstrated problem-solving skills. Assertiveness and adaptability to navigate change, complex projects, and transformations. Excellent teamwork abilities, including collaboration within geographically dispersed teams.
• Desirable but not essential: Familiarity with policy frameworks and regulatory landscapes such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc. Knowledge of virtualization technologies including Docker, Kubernetes, Linux, etc. Experience with host-based security products and methodologies (e.g., threat detection, end-user detection and response, micro-segmentation, zero trust). Exposure to ITIL environments or structured platform management. Possession of professional certifications such as CISSP, CISM, CCNP, CCIE, AWS Certified Security, etc.

Key Accountabilities

• Technical: Lead the design and implementation of end-to-end Cyber capabilities for both OT and IT in alignment with Cyber goals and company strategy. Provide technical leadership and subject matter expertise in Cyber Security. Design and deploy security tools for new and existing infrastructure and digital deployments. Continuously adjust cyber capabilities based on evolving cyber threat landscapes. Support and potentially lead NOC/SOC operational teams. Oversee Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and implement mitigating solutions. Manage capacity for cyber platforms proactively. Integrate Cyber solutions effectively with IT and OT platforms. Design data structures for Cyber logs, reports, and incidents to align with digitisation strategies, incorporating AI and ML where appropriate. Apply agile and DevOps methodologies as necessary. Develop and implement policies, procedures, and operational cyber defence processes. Provide second and third-line cyber support during cyber incidents.
• Strategic: Collaborate within the wider team to drive automation and data mining in support of cyber goals and the company's digitisation transformation. Develop and execute the cyber roadmap for platform development and threat mitigation, in alignment with the unit’s cyber vision and strategy. Continuously enhance professional cyber skills and awareness to stay ahead of cyber threats. Lead complex technical deliverables, ensuring timely and budget-compliant completion. Work autonomously within a clear framework of accountability. Take substantial personal responsibility and autonomy in role execution. Plan work independently, engage stakeholders effectively, and collaborate with business teams to fulfil commitments. Establish oneself as a recognised expert in Cyber technologies.