Bilfinger

OT Cyber Security Manager

PayCompetitive
LocationChesterfield/England
Employment typeFull-Time

This job is now closed

Apply to similar jobs

  • Job Description

      Req#: 56925

      OT Cyber Security Manager

      Location: Chesterfield

      Bilfinger UK is a leading engineering and maintenance provider, supporting customers across the chemical & petrochemical, nuclear, oil & gas, pharmaceuticals & biopharma, power & energy, utilities, renewables and food & beverage markets. We enhance the efficiency of assets, ensuring a high level of availability and reducing maintenance costs.

      We have extensive experience in offshore and onshore facilities; specialising in asset management services throughout all life cycle phases from consulting, engineering, manufacturing, assembly, operations, maintenance, and decommissioning.

      This commitment is delivered by an experienced and highly competent workforce of over 4,500 employees operating from 14 offices in strategic industrial hubs, upholding the highest standards of safety, compliance and quality.

      The OT Cyber Security Manager will have overall responsibility for the OT Cyber Security strategy for the Automation department.

      The OT Cyber Security Manager will manage the OT Cyber Security team, taking full responsibility for the successful delivery of Cyber Security Projects and Cyber solutions delivered by the Automation department.

      The OT Cyber Security Manager will work closely and collaboratively with the Automation & Digital Solutions Director, Head of Automation, Head of Projects, Technical Managers, Project Managers and both Cyber and non-Cyber engineering teams.

      Key Activities

      • Further development, implementation and ongoing ownership of BUK Cyber strategy
      • Monitor market trends and factor into strategy (client, industry, regulatory and competitors)
      • Evaluate and adopt where appropriate, other services to our Cyber offering (for example sheepdip, penetration testing, threat detection, disaster recovery software, incident response guidance and documentation support, incident response investigation, acting as a NIS auditor for clients based on the CAF framework)
      • Evaluation and adoption of appropriate tools and software to enhance our Cyber offering
      • Maintain close relationships with all existing OEM partners and review any additional Cyber related partners to be added
      • Establish and maintain relationships with regulatory bodies (around 62443, OG86, NIS – such as HSE)
      • Establish and maintain relationships with Industry bodies (UK Cyber Security Council, (ISC)², NCSC, IET (CoP) etc.)
      • Monitor regulation (current and pending changes) from the perspective of how this could impact Bilfinger, our clients and our offering
      • Present at Industry events on behalf of Bilfinger and create/grow/enhance BUK’s reputation in the domain of Cyber Security
      • Work alongside sales team, HoA and ADSD in existing and new business activities designed to grow the business and provide constant run rate of OT Cyber projects.
      • Work closely with the Proposals team in the development/review of bid strategies, estimate reviews and undertake presentations to prospective customers.
      • Support the HoP/PM team in the resource management activities to ensure that appropriate personnel are allocated to projects with plans for support and training if necessary
      • Responsible for line management of Cyber Security engineers
      • Identify any requirements for additional Cyber Security personnel and manage the selection process in conjunction with HR and HoA
      • Ensure that Cyber team maintain awareness of, and competencies in latest technology, trends and regulation in OT Cyber Security
      • Ensure all work carried out by the Automation team adheres to OT Cyber Security Best Practice guidelines
      • Plan training activities for Cyber and non-Cyber personnel to meet technological advances, meet forecast and future strategic requirements
      • Mentor and develop engineering personnel in cyber security and industrial network related topics.
      • Manage vulnerabilities and Cyber Security issues and associated action plans
      • Design and implement comprehensive cyber security solutions, using appropriate tools, technologies and processes in line with a defence in depth approach to meet client requirements.
      • Operate within existing IACS project framework operations and activities.
      • Adhere to and develop where applicable relevant elements of the quality system.
      • Foster a culture of continuous improvement. Share lessons learned and good practice with other departments. Drive efficiencies by promoting and managing continual development of standards, libraries, common approaches, document templates etc.
      • Design, secure, implement and support operational technology networks and cyber security technologies across a wide range of industrial sectors.
      • Conduct assessment, threat analysis and vulnerability studies on projects and at customers sites.
      • Travel to customers sites both nationally and internationally as required.
      • Demonstrate Health and Safety and Compliance Leadership

      Experience

      • Experience of software development project lifecycle, including requirements engineering.
      • Understanding of key OT components and their functions (e.g. PLCs, DCS, SCADA, MES).
      • Experience of industrial protocols including CIP, DNP3, Modbus, IEC61850 & others.
      • Experience of protocols employed across both IT/OT protocols including DHCP, DNS, SNMP, MQTT & others.
      • Experience of operating within a typical cyber security lifecycle.
      • Experience of prominent industrial security standards/regulations including NIST framework & standards, IEC62443, HSE OG86, NIS-D, ISO27001 and others.
      • Experience of the ‘Defence in Depth’’ security philosophy related to people, processes and technology.
      • Experience of security risk management and cyber risk assessment.
      • Implementation and testing of the following technologies and principles:
        • Industrial networks.
        • Next Generation Firewalls.
        • Intrusion systems (IDS/IPS).
        • Anti-Virus/Whitelisting.
        • VMware (or comparable) infrastructure and associated security technologies.
        • Microsoft infrastructure and associated security technologies.
        • Identification, authentication, authorisation and accountability.
        • Change management.
        • Incident management and reporting.
        • Disaster Recovery and business continuity.

      Qualifications

      • BSc degree in appropriate subject or relevant experience in cyber related role.
      • GISCP/CISSP certification desirable.
      • IEC62443 certification desirable.
      • Other related certification desirable.
      • CCNA/CCNP certification desirable.
      • VMware (or comparable) certification desirable.
      • Microsoft certification desirable.
      • Ability to achieve and maintain SC Clearance

      If you wish to speak to a member of the recruitment team, please contact 01224 246246.

      Engineering & Consultancy | Bilfinger UK Limited | Permanent | White-collar workers | Bachelor's degree | Engineering - Automation

  • About the company

      Bilfinger SE is a European company specialized in civil and industrial construction, engineering and services based in Mannheim, Germany.

Other job opportunities

remote cyber security manager jobs
cyber security jobs london remote
cyber security jobs remote
cyber security remote jobs
director cyber security jobs remote
More information about Bilfinger