80665 - IT Cyber Security Engineer
This IT Cyber Security Engineer will report to the Cyber Security Engineering Lead and will work within the Information Systems directorate based in our Crawley office. You will be a permanent employee.
You will attract a salary of £60,550.00 and a bonus of 7.5%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote
Close Date: 09/05/2025.
We also provide the following additional benefits
1. 25 Days Annual Leave plus bank holidays.
2. Reservist Leave – Additional 18 days full pay and 22 unpaid
3. Personal Pension Plan – Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%)
4. Tenancy Loan Deposit Scheme, Season Ticket Loan
5. Tax efficient benefits: Cycle to Work, Home & Tech, and Green Car Leasing Schemes
6. Occupational Health support
7. Switched On – scheme providing discount on hundreds of retailers’ products
8. Discounted gym membership
9. Employee Assistance Programme
Job purpose:
The Cyber Security IT Engineer will evaluate all security solution technologies and toolsets and help develop the security systems within the organisation and will ensure that UK Power Networks data, network, and systems are protected from cyber threats and will comply with the relevant standards and regulations. You will also provide technical support to other security team professionals and partners.
Dimensions:
UK Power Networks is expanding its presence in Microsoft Azure and is enhancing its on-prem OT Mission Critical Systems. It is important that a secure environment is developed for the hosting and management of our critical information assets. We ask that you have a blend of skillsets across cyber security including solution design and implementation, operation, governance, change management, communications, and the understanding of protecting data in employing the use of relevant encryption standards. The main measure of success is maintaining regulatory compliance and improving the technical and organisational resilience of UKPN concerning the ever-changing cyber threat landscape.
10. People – work collaboratively in a team environment and with a range of internal and external people
11. Financial – no direct budget responsibility.
12. Suppliers – regular interaction with 3rd party service providers, specialist technical consultants and cyber security tooling vendors.
13. Communicate technical cyber security concepts to all kinds of colleagues across different levels of seniority to facilitate and ensure common understanding of decisions taken across the business.
14. Stakeholders - establish and maintain collaborative working relationships with internal and external technology teams and third party providers, suppliers, and partners to improve outcomes and create agreement around a course of action.
Principal accountabilities:
15. Ensure highest standards of safety are applied across all responsibilities.
16. Implement the cyber security plans, technology roadmaps based on sound cyber security best practices to help implement UK Power Networks Cyber Security Strategy ensuring agreement to the company vision, values, and strategic goals.
17. Supporting the Cyber Security Architects, research new security technologies, toolsets, and solutions for both Enterprise on-prem and cloud infrastructures.
18. Work as an important partner with third party vendors to design and implement proof of concept (PoC) cyber security solutions and evaluate against strict requirements and criteria following UK Power Networks policies and the cyber security technology roadmap.
19. Evaluate existing cyber security solutions within the enterprise to ensure that they are fit for purpose and that the solutions have been designed and implemented to gain maximum benefit and capability.
20. Support the Cyber Security Teams at a technical level to install cyber security product technologies and systems, such as firewalls, end point protection, encryption, VPN, SIEM, PAM, VM etc.
21. Support the Cyber Security Teams to lead root cause analysis of cyber security related incidents to ensure prompt action is taken to prevent incident reoccurrence and strengthen relevant cyber security controls.
22. Provide technical guidance and assurance to the wider information systems teams concerning the implementation of cyber security controls within the specified design principles.
23. Establish and maintain relationships with important partners on matters of cyber security that maintain business support for cyber security and network architecture measures and improvements.
Nature and Scope:
The Information Systems Department works across UK Power Networks, supporting us in the achievement of our vision to become the best performing DNO. The team achieve this through the provision of technology solutions and the optimisation of current solutions to improve how we operate. Continuous improvement, customer service and seamless delivery is at the heart of this ethos and are therefore strongly underpinned by effective cyber security.
You will work with five disciplines within the Cyber Security Team, Enterprise Architecture, Technical Teams, IT Service Providers, Project, Innovation, and partners to implement and improve the security infrastructure, systems, and services.
Qualifications:
24. Work experience: Experience in cyber security, preferably in a security engineering or a security architecture role. Hands-on experience in, implementing, and maintaining security solutions for multiple systems and using different security technologies and performing security testing and analysis.
25. Cyber Security Knowledge: An understanding of the principles and standards of cyber security, such as encryption, authentication, authorization, network security, application security, cloud security, and threat intelligence.
26. Security Technologies: Proficient in using different security technologies, such as firewalls, end point protection, web protection, email protection, intrusion detection and prevention systems, vulnerability scanners, encryption software, VPNs, and SIEMs. Be able to configure, test, deploy, and troubleshoot these tools and technologies and integrate them with other systems. Monitor and analyse the security logs and alerts generated by these technologies and take appropriate actions.
27. Cyber Security Frameworks: Working knowledge of Cyber Essentials, ISO27001:2022, CSA Cloud Controls Matrix, NCSC CAF and GDPR, is important to ensure that data is being managed.
28. Programming and scripting: Proficient programming and scripting skills to automate security tasks, develop custom security scripts and tools, and perform security testing and analysis. Familiar with some of the common programming and scripting languages used in cyber security, such as Python, PowerShell, Bash, Java, C#, and SQL.
29. Problem-solving : Resolve security issues, troubleshoot security incidents, and mitigate security risks. Apply logical reasoning and creativity and innovation, to find the best security solutions and strategies. Anticipate and prevent potential security threats and vulnerabilities, as well as respond to them quickly.
30. Certifications: Relevant certifications in cyber security, such as CISSP, CISM, CEH, SSCP, or CCSP. Further technical certifications in Microsoft Azure, Networking, Firewall, SIEM, PAM or VM Products are beneficial.
31. Technical Capabilities: Technical competence in one or more of the following areas IPSec VPN's, Networking, Network Security, MFA, AIX/Microsoft/Linux Operating Systems, Virtualization Platforms such as (VMware, Hyper-V, OpenShift), Cloud Security in Azure, End Point Security, Email Gateways, Enterprise Web Gateways, PKI and Certificates.
32. Technology Experience: Good working know of the following products, Proofpoint Email / TAP / TRAP / EFD / PSAT, Exchange Online, Global Secure Access, Microsoft Defender for Cloud / Endpoint / SmartScreen, Microsoft Intune, Microsoft DevOps, Azure Firewalls / Wan Hubs, Salesforce, Sentinel, QRadar, Darktrace, Akamai Control Center / WAF
Health & Safety Responsibilities
Managers and supervisors carry both legal and company responsibilities for ensuring the health and safety of their employees, those under their control and those who might be affected by the work undertaken, i.e. public, visitors and employees of other organisations. This includes briefing individuals working for them and ensuring there is the necessary understanding, competence and application of requirements to work safely and without harming the environment.
Employees will ensure they understand the health and safety risks involved in their work activities and their responsibility to apply the controls needed to manage those risks to acceptable levels. Similarly where work activities can have an adverse impact upon the environment, and where there are legal requirements, employees will understand those impacts and the controls they must ensure are applied.
If in doubt ask!
We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.