Business Information Security Officer
LyondellBasell
Cyber Security
Senior Cyber and Network Engineer
Wood
full-time
Posted on:
Origin: • 🇬🇧 United Kingdom
Visit company websiteJob Level
Senior
Tech Stack
Cyber Security
About the role
- Support the implementation of projects in line with company objectives including margin, customer satisfaction, schedule, working capital and safety performance
- Provide cyber security, networking, secure architectures, solutions, vulnerability and risk assessments, technologies and procedures to support Wood assignments/project teams and clients
- Discover vulnerabilities and risks in networks, software systems and data centers through ongoing vulnerability scans and network monitoring
- Assess the robustness of cybersecurity architectures, technologies, and procedures implemented within customer facilities
- Design solutions and implement measures to mitigate security risks (e.g., antivirus, patch management, insider threat protection, incident response plans, regulation compliance)
- Conduct vulnerability assessments and audits on client systems and network devices considering OT testing sensitivity
- Provide expertise in Network Design, implementation, and testing for Integrated Automation and Control Systems Solutions
- Identify and define network requirements and develop Detailed Network Architecture & Network Dataflow Diagrams
- Produce Network Schedules (IP addresses, data communication, server & VM, switch & firewall) and Testing procedures (FAT)
- Produce material requisitions and contribute to technical bid evaluation
- Review vendor drawings and consolidate comments from other disciplines
- Undertake Cyber Security Risk Assessments and advise on mitigating actions
- Support evaluation of client security posture and identify vulnerabilities and areas for improvement
- Stay up to date with latest security trends, threats, and best practices
- Apply integration concepts across multiple vendor platforms and engineer technical aspects of automation project network design and implementation
- Prepare engineering studies and network & cyber design documentation and resolve specialty-related engineering issues
Requirements
- Applicants must be able to pass HMG Baseline Personnel Security Standard (BPSS) check
- Minimum BSc Degree or equivalent demonstratable experience
- Certifications such as CCNA, CCNP, CWNP, ISA/IEC 62443 Cybersecurity Certificates, or GICSP are highly desirable
- Significant experience and competency in Control System Network Design Engineering
- Good understanding of IEC62443 Industrial Cyber Security
- Good understanding of IEC27001/2 Information Security Management
- Good general knowledge of each Automation and Control engineering discipline
- Knowledge of industrial communication protocols (e.g., Modbus, DNP3, OPC) and their security implications
- Experienced in writing Network specifications
- Detailed experience with multiple system implementation projects and/or control system platforms
- Experience in Brownfield upgrades/replacement automation and control projects
- Thorough knowledge of engineering practices, methodologies and economic principles, calculation methods, design details, international codes and standards, procedures, and specifications
- Knowledge of modern automation and control applications, tools, methodologies, or equivalent training/experience
- Understanding of the interplay between physical security and cybersecurity in OT environments
- Familiarity with safety standards and regulations relevant to OT environments
- Good working knowledge of current industry specific technology and the application of current engineering software/tools and trends
- Inquisitive, well organized and have a keen eye for detail
- Desirable: Experience with Networks containing Rockwell, Honeywell and Schneider PLC/SCADA systems
- Desirable: Familiarity with telecom protocols, satellite communication and radio-link technologies
- Desirable: Experience of OT Intrusion Detection Systems
