Cyber Security Engineer
Reference: 956979
Location: Nottinghamshire / Merseyside
Type: Permanent, full time
Sector: Renewable Energy
Descrition
Our client is client is a dynamic powerhouse delivering grid-scale energy storage and power infrastructure across the UK. Backed by major infrastructure investors and scaling rapidly, our Client is recruiting for a Cyber Security Engineer to join them on a permanent staff basis.
The Role
As our Client’s portfolio continues to expand, they are strengthening their cyber security capability with a hands-on engineer who will join the Head of Digital Systems & Compliance within a small team responsible for cyber security across the business.
The Cyber Security Engineer will be the technical delivery lead within the team, responsible for hardening servers and cloud environments, contributing to site network designs, supporting audits and certifications, responding to incidents, and maintaining effective day-to-day security controls.
Key Responsibilities
Site Cyber Security
Contribute to the cyber security topology for new and existing BESS and engine generation sites, supporting clear segmentation between IT, OT and control system networks.
Apply the team’s reference architectures and standards for site connectivity, secure remote access, firewall rules and security monitoring consistently across the growing site portfolio.
Review site network designs from a cyber security perspective, escalating concerns before commissioning.
Work alongside the Operations team to identify and help mitigate cyber risk to PLCs, SCADA, BMS, inverters and other operational technology, with OT systems remaining owned by Operations.
Maintain accurate site cyber security documentation, including network diagrams, asset inventories, data flows and risk registers.
Corporate and Office Cyber Security
Help maintain the cyber security posture of the corporate office environment, including endpoints, identity, email and SaaS platforms.
Work with the vCIO to help enforce security policies covering acceptable use, password and MFA standards, mobile devices, and remote/home working.
Work with the vCIO to run phishing simulations, support security awareness training and help build a positive security culture across all staff.
Work with the vCIO to support joiners, movers and leavers processes, access reviews and privileged access controls in conjunction with the third-party IT provider.
Work with the vCIO to monitor and triage alerts from Microsoft 365 / Defender, EDR and other corporate security tooling through to resolution.
Infrastructure Hardening and Cloud Security
Work with Head of Data & AI to harden Linode, Azure, AWS and other cloud-hosted servers and tenants against current threat profiles, applying CIS Benchmarks or equivalent baselines across identity, networking, secrets and logging.
Carry out patch management, vulnerability scanning and remediation across servers, network devices and cloud workloads, in line with agreed SLAs.
Work with Head of Data & AI to implement and maintain secure backup, disaster recovery and centralised logging capabilities sufficient for forensic investigation.
Manage external attack surface which includes DNS, certificates, public-facing services and reduce unnecessary exposure where practical.
Audits, Certifications and Compliance
Support the delivery of cyber security audits across both corporate IT and site environments, whether internal or externally commissioned.
Work with the vCIO to achieve and maintain Cyber Essentials and Cyber Essentials Plus certification and contribute to alignment with ISO 27001 and IEC 62443 as the business matures.
Support compliance with the NIS Regulations, UK GDPR / Data Protection Act and any sector-specific requirements arising from DNO, grid, customer or insurer due diligence.
Respond to customer, insurer and counterparty security questionnaires, and help maintain the cyber security risk register reported to senior leadership.
Incident Response and Operational Risk
Help develop, maintain and regularly test the cyber incident response plan, covering both corporate IT and site OT scenarios.
Support the technical response to cyber incidents, working with the third-party IT provider, vCIO and external specialists as required.
Conduct root cause analysis on incidents and near-misses and drive corrective actions through to closure.
Maintain and exercise business continuity arrangements for cyber-led disruption scenarios, in conjunction with Operations.
Collaboration with Internal Teams and Suppliers
Be a day-to-day cyber security point of contact for the business, working hand-in-hand with the third party IT provider and vCIO on operational delivery.
Build effective working relationships with internal teams across Operations, Engineering, Finance and Compliance.
Help assess cyber risk introduced by third-party suppliers and contractors, including security requirements in contracts and onboarding.
Provide pragmatic cyber security input to procurement decisions for new site connectivity, control systems, software and SaaS platforms.
Project Support and Continuous Improvement
Contribute to infrastructure and digital projects from a cyber security perspective, with particular focus on the expansion of the site portfolio.
Contribute to the cyber security roadmap and risk register and support business cases for cyber security investment.
Identify opportunities for automation, tooling improvements and continuous improvements across the cyber security function.
Key Requirements
Skills & Experience
Essential Skills & Qualifications:
Degree in Cyber Security, Information Technology, Computer Science or a related discipline, or equivalent professional experience.
Industry certification such as CompTIA Security+, SSCP or BCS Foundation Certificate in Information Security Management Principles. Further certifications such as GICSP, CISM or CISSP are desirable and can be supported in role.
Hands-on experience hardening Windows and Linux servers and cloud workloads (e.g. Linode, Azure, AWS) against recognised baselines.
Practical knowledge of network segmentation, firewalls, VPNs, secure remote access and core security tooling such as EDR, SIEM and vulnerability scanners.
Awareness of Cyber Essentials, Cyber Essentials Plus, ISO 27001, IEC 62443 and the NIS Regulations, with appetite to develop deeper expertise.
Strong communication skills, with the ability to explain technical risk clearly to non-technical colleagues.
Essential Knowledge
The postholder should have a solid grounding in cyber security across both IT and, ideally, operational technology (OT) environments.
Working knowledge of network segmentation, firewalls, secure remote access, identity and access management, endpoint protection, vulnerability and patch management, and server and cloud hardening across platforms such as Linode, Microsoft 365, Azure and AWS.
Familiarity with industrial control system concepts, including PLC, SCADA and BMS.
Experience or understanding of incident response and business continuity.
Awareness of Cyber Essentials, Cyber Essentials Plus, ISO 27001, IEC 62443, the NIS Regulations and UK data protection requirements.
The ability and desire to further develop expertise across these areas within the role.
Person Specification
The successful candidate will be a hands-on, pragmatic cyber security professional with experience in an IT security, infrastructure or SOC role.
Genuinely interested in industrial and energy environments, with a willingness to learn the OT side of the business.
Equipped with strong technical fundamentals and the ability to balance security requirements with operational needs.
A strong communicator, able to collaborate effectively across operational, engineering and corporate teams.
Comfortable working as part of a small team alongside an outsourced IT provider and vCIO.
Self-motivated, proactive and committed to continuous improvement and the secure expansion of the site network.
Keen to grow technically and take on increasing responsibility as the cyber security function continues to mature.
Due to current workloads, Simpson Booth regrets to inform that in the instance you have not heard from us within 2 weeks of your application, you are to consider your application unsuccessful at this time.