Bilfinger UK is a leading engineering and maintenance provider, supporting customers across the chemical & petrochemical, nuclear, oil & gas, pharmaceuticals & biopharma, power & energy, utilities, renewables and food & beverage markets. We enhance the efficiency of assets, ensuring a high level of availability and reducing maintenance costs.

We have extensive experience in offshore and onshore facilities; specialising in asset management services throughout all life cycle phases from consulting, engineering, manufacturing, assembly, operations, maintenance, and decommissioning.

This commitment is delivered by an experienced and highly competent workforce of over 4,500 employees operating from 14 offices in strategic industrial hubs, upholding the highest standards of safety, compliance and quality.

Role:

We are seeking an experienced, committed and enthusiastic Operational Technology (OT) Cyber Security Systems Engineer to join our Automation team for a project-based contract role to design, develop & build and test network management and cyber security controls for an Industrial Control Systems (ICS) environment.

The role focuses on securing operational technology systems and networks while ensuring system availability, safety, and compliance with industry and client standards.

The OT Cyber Security Systems Engineer will take full responsibility for the successful delivery of cyber security and industrial networking aspects of the project (technical, quality, time and cost elements).

The candidate must be pro-active and able to deliver their own tasks whilst coordinating with project team members, supervising, assisting and monitoring task progress and support the Project Manager commercially on progress, risks, issues and opportunities.

The Engineer should work co-operatively with the Project Manager, Lead Engineers and engineering team to ensure smooth project progress in accordance with the agreed project lifecycle.

Key Responsibilities:

Working closely and collaboratively with the Project Manager, Lead Engineers and project engineering team you will:

• Be responsible for technical delivery of the OT network management system and cyber security controls for the project.

• Design, implement and test secure systems and networks for an industrial control system.
• Produce clear technical documentation, including design specifications, test procedures and operating and maintenance documentation, taking ownership of and updating existing documentation.
• Deploy and test networks and cyber security controls for a PLC and SCADA environment.
• Conduct system integration and factory acceptance testing (FAT).
• Support OT Cyber Security project lifecycle management activities including vulnerability identification, patching, software and password management.
• Collaborate effectively with and support the Project Manager, Lead Engineers and project engineering team with the planning and execution of OT cyber security aspects of projects to ensure they meet the time and quality required with clear reporting on progress and blockers.

• Provide health and safety leadership by example.

Essential Skills & Experience:

• Proven experience of design, implementation and testing of OT/ICS networks and cyber security solutions within industrial environments.
• Detailed experience of the full project life cycle from system specification through design, development, testing.
• Experience of the design, specification, implementation, testing and commissioning of security solutions, controls and countermeasures for OT/IACS environments. This should include:

• System security - Hardening of virtual environments and operating systems to recognised industry standards, guidelines and best practices.

• Cyber security applications for industrial control system environments:

• Malware detection and protection i.e. Endpoint Detection and Response (EDR).
• Network Intrusion Detection (IDS).
• Network monitoring.

• Hands on experience of:

• SolarWinds monitoring system including:
• Network Performance Monitor.
• Network Traffic Analyser.
• Software Application Manager.
• Log Analyser.
• Host-based Intrusion Detection Systems (HIDS) and Host-based Intrusion Prevention Systems (HIPS) using Trellix Endpoint Security (ENS)
• Definition and implementation of Microsoft Active Directory, including GPO’s in a Windows Operating Systems environment.
• VMWare ESXi including configuration and environment security.
• Network Attached Storage (NAS) systems using Synology hardware

• Strong troubleshooting, documentation, and stakeholder communication skills.

• Experience of working within a Quality Management System (QMS), delivering well described outputs with traceability through project lifecycle

Desirable Skills & Experience:

• Experience of the design, specification, implementation, testing and commissioning of security solutions, controls and countermeasures for OT/IACS environments. This should include:

• Network security – Secure deployment and hardening of network infrastructure including segmentation and boundary protection through managed switches and firewalls, and passive Network Intrusion Detection Systems (NIDS).

• Hands on experience of:

• Network design and implementation using Rockwell Automation or Cisco industrial portfolio of managed network switch products.
• Firewall design and implementation using Cisco Firepower technology.
• Network synchronisation, including dedicated time appliances and NTP

• Understanding of the OSI and TCP/IP Models in theory and application, with strong applied knowledge of industrial network protocols (including EtherNet/IP, with CIP Security beneficial)
• Technical knowledge of a variety of control system Original Equipment Manufacturers (OEMs) e.g. AVEVA, Rockwell Automation etc.
• Experience working in or for System Integrator, Operators of Essential Services (OES) or Critical National Infrastructure (CNI) organisations
• Familiarity with cyber security standards and frameworks relevant to OT.
• Experience mentoring junior staff members including apprentices

Qualifications:

• A degree or HND/HNC in Electronic/Electrical Engineering, Computer Science or other relevant engineering discipline
• Professionally registered engineer or working towards professional registration

• Relevant OT cyber security certification e.g.:
• ISA/IEC 62443 Cyber Security Expert
• Global Information Assurance Certification (GIAC) Global Industrial Cyber Security Professional Certification (GISCP)
• CCNA, CCNP etc.

If you wish to speak to a member of the recruitment team, please contact 01224 246246.

 leo.taylor@bilfinger.com