TMM Recruitment are working with a major, multi-national energy organisation based in Westhill to find a Senior Cyber Security Engineer to join their team ASAP on a contract basis until at least November 2025 (with the potential of being extended and going staff). The company is only considering PAYE contractors.
Main duties and responsibilities
* Implementing Critical Requirements: Ensuring compliance with CR GR SSI 001, CR GR SSI 023, GS EP INS 135, and L2-OPS-17-001 across all assets.
* Incident Management: Reviewing, investigating, mitigating, and resolving cybersecurity incidents, anomalies, and threats promptly.
* Cyber Security Road Map: Assisting in delivering key activities and act as a delegate for the Lead Cyber Security Engineer during absences.
* Risk Analysis: Participating in asset cyber risk analysis and develop procedures and documentation for cybersecurity management.
* Compliance: Ensuring stakeholders comply with cybersecurity requirements and carry out UK government cybersecurity self-assessment reports.
* Solution Support: Rolling out HQ security solutions, including administration and troubleshooting.
* Audits: Conducting site audits, recommend improvements, and track actions to completion.
* Vulnerability Management: Managing the industrial cybersecurity vulnerability process and ensure timely patching.
* Training: Developing and maintaining industrial cybersecurity training materials and competence procedures.
* Emergency Response: Creating and maintaining cyber emergency and incident response plans.
* Project Involvement: Ensuring cybersecurity requirements are captured in new projects and modifications.
* Culture Promotion: Promoting a positive cybersecurity culture and participate in annual events and presentations.
* Innovation: Supporting the design and rollout of safer architecture solutions and stay updated on emerging technologies.
* Reporting: Producing reports to monitor cybersecurity progress and communicate findings to stakeholders.
* Vendor Coordination: Coordinating with third parties and vendors during cybersecurity incidents and carry out post-incident investigations.
Applicants to this role require
* Education: Relevant degree in Instrumentation and Controls, Computer Science, or Cyber Security.
* Knowledge: Understanding of offshore operations, project management, and UK industry regulations.
* Expertise: In-depth understanding of IEC/ISA 62443 and OG-86.
* Management Skills: Experience managing contractors, vendors, and service providers.
* Communication: Effective communicator, both written and verbal.
* Relationship Building: Strong relationship-building skills at all levels - internally and externally.
Critical Contacts
* Onshore: Cybersecurity Manager, Lead Cybersecurity Engineer, Technical Services leadership team, Asset Directors and Field Operations management and engineering teams, IDP Director, IDP Managers.
* Offshore: Site Cybersecurity Responsible Person (SCRP), Asset Systems Engineers, Lead Instrument Technicians and Telecom Technicians.
* External: third party vendors.
* Headquarters: Branch Cyber Security Officers (B-ICSO and B-ECSO), Global Cybersecurity Officers (G-ISCO and G-ECSO), CERT.
#J-18808-Ljbffr