Description Remarkable people, trusted by clients to design and advance the world. Wood is recruiting for expressions of interest for Cyber and Security Engineer experienced in Automation and Control Network design and implementation to join our Systems Integration team as part of Woods Consulting business unit to support across our UK projects. This is a hybrid role that can be based at any of the following UK offices: Aberdeen, Staines, Reading, Glasgow or Northampton with the expectation of travel as required. The Role The Cyber and Security Engineer will support the implementation of projects in line with company objectives including continuous improvement of margin, customer satisfaction, schedule, working capital and safety performance. As a Cyber and Security Engineer, you will assist in the provision of cyber security, networking, secure architectures, solutions, vulnerability and risk assessments, technologies and procedures to support Wood assignments / project teams and clients. This is an ideal opportunity for an individual with previous project experience who has the capability to discover vulnerabilities and risks in networks, software systems and data centres through ongoing vulnerability scans, monitoring network data, and ensuring hardware and software applications are updated. Our Clients and Projects Designing the future. Transforming the world. Our Systems Integration (SI) team, work with a variety of high-profile clients across the energy sector. Delivering bespoke essential automation and control solutions that enable a safer and more efficient operation. Within SI, we are architecting our clients' digital ecosystems to be inherently safe, cybersecure and operable. Within our teams we integrate client source systems across their IT, Operational Technology (OT) environments, securely pushing OT data into IT systems as a foundation for transformation. We design and integrate operational technology to achieve business, production, and operational goals. Visit our web page to find out more about the exciting work we do: Automation & systems integration | Wood What we can offer Meaningful and interesting projects delivered to high profile clients across the Energy Sector Flexible working arrangements that balance client, team and individual needs offering hybrid and remote working where relevant Commitment to Diversity and Inclusion ; we are an organisation actively committed to diversity and inclusion across our business Competitive renumeration package with regular reviews to ensure we are rewarding at the right level in line with the market Flexible benefits package inclusive of 33 days annual leave (including public holidays), plus the potential for one additional ‘flex day’ per month. Further benefits include a generous contributory pension scheme, private medical cover, 4x base salary life insurance; all of these and more that can be adapted to suit your own lifestyle Commitment to continued professional development ; development plans that are tailored to your individual needs and interests Global connections : join experts around the world who are at the leading edge of our industry, shaping the standards of our profession Energy Transition Academy; join a community of experts sharing your knowledge and gaining more exposure to a variety of existing and emerging energy systems – delivered by experts in their field Responsibilities The key objectives for this role are: Assess the robustness of cybersecurity architectures, technologies, and procedures implemented within customer facilities Design solutions that meet client requirements and implement the appropriate measures to mitigate security risks (e.g., Antivirus software, patch management programs, insider threat protection, incident response plans, and regulation compliance) Conduct vulnerability assessments and audits on client systems and network devices considering the sensitivity of Operational Technology testing Provide expertise in Network Design, implementation, and testing for networks to support Integrated Automation and Control Systems Solutions Identify and define network requirements to support automation and controls solutions for our clients Apply integration concepts to a wide variety of systems and across multiple vendor platforms. Engineer technical aspects of automation project network design and / or implementation for assigned activities Prepare engineering studies and network & cyber design documentation Resolve specialty related engineering issues by applying accepted principles, codes, and standards Development of Detailed Network Architecture & Network Dataflow Diagrams Produce Network Schedules (IP addresses, Data communication, server &VM, Switch & firewall), Produce Testing procedures (FAT) Produce Material requisition and contribute to Technical Bid evaluation Review Vendor Drawing and consolidate comments generated by other disciplines Undertakes Cyber Security Risk Assessments providing advice and guidance for implementation of Cyber Security Risk Assessment findings mitigating actions Support in evaluating client’s security posture, identify vulnerabilities, weaknesses, and areas for improvement Stay up to date with the latest security trends, threats, and best practices Qualifications What makes you remarkable? At Wood, we are committed to equal opportunities and welcome all talented individuals to consider joining our team. So even if you don't match every statement below but feel you have some of the experience, knowledge or skills needed for this role, we encourage you to apply. It will take all of us working together to deliver solutions to the world’s most critical challenges. Expected: Minimum BSc Degree or equivalent demonstratable experience Certifications such as CCNA, CCNP, CWNP, ISA/IEC 62443 Cybersecurity Certificates, or GICSP are highly desirable Significant experience and competency in Control System Network Design Engineering Good understanding of IEC62443 Industrial Cyber Security Good understanding of IEC27001/2 Information Security Management Good general knowledge of each Automation and Control engineering discipline Knowledge of industrial communication protocols (e.g., Modbus, DNP3, OPC) and their security implications Experienced in writing Network specifications Detailed experience with multiple system implementation projects and / or control system platforms Experience in Brownfield upgrades / replacement automation and control projects Must have thorough knowledge of engineering practices, methodologies and economic principles, calculation methods, design details, international codes and standards, procedures, and specifications Knowledge of modern automation and control applications, tools, methodologies, or equivalent training / experience Understanding of the interplay between physical security and cybersecurity in OT environments Familiarity with safety standards and regulations relevant to OT environments Good working knowledge of current industry specific technology and the application of current engineering software / tools and trends Inquisitive, well organized and have a keen eye for detail Desirable: Experience with Networks containing Rockwell, Honeywell and Schneider PLC / SCADA systems Familiarity with telecom protocols, satellite communication and radio-link technologies Experience of OT Intrusion Detection Systems