Cyber Security OT Engineering Manager in Ipswich

This Cyber Security OT Engineering Manager will report to the Head of Cyber Security and Technology Risk and will work within the Information System directorate based in our Ipswich, Fore Hamlet office. You will be a permanent employee. You will attract a salary of circa £100,000.00 – depending on skills, qualifications and experience – and a bonus of 10%. This role can also offer blended working after probationary period (6 months) – 3 days in the office and 2 remote. Candidates must currently hold or be eligible for UK National Security Vetting, minimum Security Check (SC) clearance.

Benefits:

• 25 Days Annual Leave plus bank holidays.
• Reservist Leave – Additional 18 days full pay and 22 unpaid.
• Personal Pension Plan – Personal contribution rates of 4 % or 5 % (UK Power Networks will make a corresponding contribution of 8 % or 10 %).
• Tenancy Loan Deposit Scheme, Season Ticket Loan.
• Tax‑efficient benefits: Cycle to Work, Home & Tech, and Green Car Leasing Schemes.
• Occupational Health support.
• Switched On – scheme providing discount on hundreds of retailers' products.
• Discounted gym membership.
• Employee Assistance Programme.

Job Purpose:

The Cyber Security OT Engineering Manager is an important role as the operational owner and custodian of all OT cyber security solutions deployed across UK Power Networks (UKPN). The post holder has full responsibility for planning, designing, implementing, supporting and maintaining the UKPN OT cyber security solutions and capabilities that support the Head of Cyber Security and Technology Risk in delivering the cyber security strategic imperatives whilst ensuring that UKPN networks, systems and data are protected from ongoing cyber risks and threats.

Dimensions:

• People: Direct management of circa 8 permanent and temporary cyber security OT engineer resources plus the management of third‑party service providers.
• Financial: Shared budget responsibility for £1‑3 m annual covering resources, tools and professional services.
• Suppliers: Management and oversight of 3rd party service providers and specialist technical consultants as contracted.
• Communication: Present and explain technical design solutions and problems to engineering teams and in lay‑person terms to non‑technical partners to facilitate and ensure understanding across the business. Verbal, written, and presentational skills are an essential requirement.
• Technical Complexity: Very high degree of technical complexity to effectively translate diverse and competing requirements (business, technical, regulatory, security, operational etc) into an effective solution design and support that is a blend of different systems, networks, infrastructure and application architectures. Requires the experience across the broad spectrum of OT and IT technologies and architectural principles, tools and techniques to design, build secure and maintain resilient solutions for UKPN.
• Stakeholders: Regular and ongoing interaction with executive and senior management stakeholders across OT, IT and the Business. Create and maintain strong working relationships with senior internal OT/IT technical support teams, third party providers, suppliers, and partners to drive the desired outcomes and create alignment around a vision or course of action.

Principal Accountabilities:

• Lead and develop a team of highly skilled cyber security OT engineers responsible for designing, building, evaluating, implementing and maintaining security solutions aligned to UKPN cyber security transformation strategy.
• Accountable for the operational execution and ongoing maintenance of the OT (templates, standards, processes and procedures) to facilitate compliance and operational reporting.
• Accountable for the cyber security OT technology service management activities such as System/Technology Incidents, Problems, Change Requests, Approvals and Security Incident Response.
• Manage post‑incident activity to include scheduling of Post Incident Reviews (PIR), the documentation of Root Cause Analysis (RCA) for security and system incidents and the tracking of actions to prevent incident recurrence and strengthen relevant controls.
• Evaluate and implement security controls to be used across OT platforms and all layers of the application stack while maintaining alignment with UKPN's overall enterprise strategy and architecture.
• Chair and manage the Cyber Security OT Engineering Forum as the lead authority for all OT cyber security technology matters through the review and approval of all solution problems and enhancements.
• Provide technical leadership as the subject matter expert for complex cyber security solutions, capturing requirements and translating these into secure technical designs.
• Contribute to relevant industry and UK government groups to gather, analyse and report on related best practices, threat intelligence and learning from security partners, peers and UK government agencies to understand potential and relevant impacts to the company so to identify relevant cyber countermeasures and architectural improvements.
• Produce accurate cyber security metrics dashboards and reports for both technical and business stakeholders on the effectiveness of UK Power Networks' capabilities.
• Guide and undertake role‑modelling, mentoring, development, motivation and evaluation of staff within the team, creating an environment where the team excels.
• Deputise for the Head of Cyber Security and Technology Risk for certain pre‑agreed tasks and activities.

Nature And Scope:

The Information Systems Department works across UK Power Networks, supporting us in the achievement of our vision to become the best performing DNO. The team achieves this through the provision of technology solutions and the optimisation of current solutions to improve how we operate. Six managers report to the Head of Cyber Security and Technology Risk: The Cyber Security Operations Manager, Cyber Security Technical Assurance Manager, Cyber Security GRC Manager and Cyber Security Portfolio Manager, Cyber Security IT Engineering Manager as well as the Cyber Security OT Engineering Manager. You will be the technical owner and custodian of the cyber security OT technical solutions deployed across UK Power Networks (UKPN). Your role will have a 360‑degree view across the technology landscape and will work collaboratively with Enterprise Architects, IT Support teams and Project Managers to ensure a robust security posture is maintained whilst delivering the Cyber Security Transformation Strategy.

Qualifications:

• Senior technology leader with experience designing, implementing and supporting OT cyber solutions and complex technical projects/solutions, design authority processes, and overall solution design management processes.
• Able to convey complex technical information in a focused, simple and commercially relevant manner to a senior and non‑technical audience.
• Hold an industry‑recognised information security qualification such as GIAC/GCIA/GCIH, CISSP, CCSP, CCSK or CompTIA Advanced Security Practitioner (CASP+) and/or SIEM‑specific training and certification.
• A degree in Computer Science, Computer Engineering, Information Technology, or relevant field with experience in OT cyber security.
• Knowledge of security technology including authentication and authorisation, security protocols, cloud security, an understanding of enterprise architecture and security frameworks like TOGAF, NIST, CIS, etc.
• Knowledge of compliance and regulatory frameworks such as National Cyber Security Centre (NCSC) Network and Information Security (NIS) Directive, Cyber Assessment Framework (CAF), ISA/IEC 62443, ISO/IEC 27001/27002, Cyber Essentials, Cloud Security Alliance (CSA) Cloud Controls Matrix, GDPR.
• Ability to advise and recommend with credibility at all levels and manage complex partner relationships.
• Ability to collaborate with a range of internal and external people, such as Project Managers, Business Managers, and Technical Engineering Teams to understand customer needs and design secure, "fit for purpose" business and technical solutions.
• Broad experience across both Operational Technology (OT) systems, including Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) and enterprise Information Technology (IT).
• Experience working within a regulated environment, preferably Energy sector Critical National Infrastructure (CNI).

Health & Safety Responsibilities:

Managers and supervisors carry both legal and company responsibilities for ensuring the health and safety of their employees, those under their control and those who might be affected by the work undertaken, i.e. public, visitors and employees of other organisations. This includes briefing individuals working for them and ensuring there is the necessary understanding, competence and application of requirements to work safely and without harming the environment. Employees will ensure they understand the health and safety risks involved in their work activities and their responsibility to apply the controls needed to manage those risks to acceptable levels. Similarly where work activities can have an adverse impact upon the environment, and where there are legal requirements, employees will understand those impacts and the controls they must ensure are applied. If in doubt ask!

Equal Opportunity:

We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace. If you have any queries in connection to this vacancy or your application, please contact us at careers@ukpowernetworks.co.uk quoting the vacancy reference number and a member of the team will get in touch with you as soon as possible.