• Principal/ Senior Cyber Security Engineer

    Requisition ID
    2019-56082
    Work Location
    GB-Cheshire-Birchwood
    Department / Discipline
    Engineering - Instrumentation
    Additional Work Location
    GB-Tyne and Wear-Newcastle upon Tyne
    Position Type
    Staff / Permanent
    Additional Work Locations
    GB-Tyne and Wear-Newcastle upon Tyne | GB-Cumbria-Whitehaven
    Market / Sector (Candidate Portal Searching)
    Nuclear
  • Overview / Responsibilities

    Wood is currently looking to recruit Senior/Principal Operational Technology (OT) Cyber Security Engineer with a range of skills and experiences in the industrial control system domain.

     

    About Wood Nuclear:

    Wood’s nuclear business supports customers in the energy generation, new build, decommissioning and defence sectors.

     

    Our nuclear business has offices in Knutsford and Birchwood in Cheshire, Gloucester, Dorchester, Harwell, Glasgow, Newcastle, Bristol, Cumbria, Reading and London. We also have a strong international presence to support our growing operations in France, Slovakia, Czech Republic, Poland, South Africa and Japan.

     

    Our reputation for safely delivering quality projects on time and on budget is well recognised in the industries we serve. We have proven expertise in managing large, complex projects, a global reach and long-standing UK presence, strong relationships with our clients and cutting-edge processes and technologies.

     

    What that means to you is the opportunity to experience a real variety of projects, working with people from different backgrounds. You’ll work closely with our clients and committed to achieving outstanding results in a stimulating and quality-driven environment.

     

    The ideal candidates would have excellent all-round knowledge of UK nuclear regulatory expectations for cyber security in the industrial control system Operational Technology (OT) and Information Technology (IT) domains.

     

    Role:

    Reporting to the Project Engineering Manager and potentially forming part of an Integrated Intelligent Client team.

    Perform formal and comprehensive application and infrastructure penetration testing assessments, following industry best practices

     Provide well-written and concise technical and non-technical reports, prepared to the highest standards of written English

    Perform vulnerability assessments and provide findings with remediation action

    Support with various client pre-engagement interactions, including scoping activities and proposal drafting

     Manage and deliver penetration testing project activities within strict deadlines

    Travel to client sites as required

    Research application and infrastructure components within the wider team to identify new vulnerabilities and follow responsible disclosure

    Take part in a variety of other information security projects as and when required

    Must possess knowledge and experience of developing Test Strategies, plans and scripting

    Significant cyber security experience in the nuclear domain whilst preferable is not essential.

    Whilst the role will be based in the North West of England, a willingness to travel is a distinct advantage.

     

    Responsibilities will include:

    Will have responsibility for the preparation and execution of user acceptance testing, ensuring product functionality, which delivers detailed functional specification to Client satisfaction. 

    Skills / Qualifications

    Essential

     

    Proven industry experience in application and infrastructure penetration testing

    Strong understanding of OWASP, PTES and other penetration testing methodologies

    Ability to program or script in in a variety of languages

    Good understanding of network and OS principles

    Solid knowledge of various technologies, including associated security vulnerabilities and exploits

    Relevant security qualifications (such as OSCP, CREST CRT, TIGER)

    Strong analytical skills

    Excellent negotiating and stakeholder management skills

    Excellent written and spoken English skills are vital for compiling high-quality reports, adhering to reporting standards such as ISO/IEC 29119-3 or IEEE 829

     

    Desirable

     Degree in Computer Science, Networks, Information Security, or related technical discipline

    ISTQB or ISEB Foundation certificate in testing.

    ISTQB Advanced or Expert Level Test Manager certificate or ISEB Intermediate/Advanced level Test Manager certificate.

    The ideal candidates would have excellent all-round knowledge of UK nuclear regulatory expectations for cyber security in the industrial control system Operational Technology (OT) domain and Information Technology (IT) domains.

     

    Experience of:

    Providing oversight and approval of supplier testing in secure cloud environments for proving and production systems

    Preparation of acceptance test plans with clearly defined success criteria

    Management and execution of end user testing and delivering to success criteria

    Working to ITIL Change Management practices

    Service transition and cut-over experience in a heavily regulated and complex business environment

    Testing of process and procedures as well as technical solutions

    Tracking and preparation of testing activities including results, test case coverage, defects, status, performance baselines etc.

     

    Company Overview

    Wood is a global leader in the delivery of project, engineering and technical services to energy and industrial markets. We operate in more than 60 countries, employing around 60,000 people, with revenues of over $10 billion.  We provide performance-driven solutions throughout the asset life cycle, from concept to decommissioning across a broad range of industrial markets, including the upstream, midstream and downstream oil & gas, power & process, environment and infrastructure, clean energy, mining, nuclear, and general industrial sectors.  www.woodplc.com  

     

    Diversity Statement

    We are an equal opportunity employer that recognises the value of a diverse workforce. All suitably qualified applicants will receive consideration for employment on the basis of objective criteria and without regard to the following (which is a non-exhaustive list): race, colour, age, religion, gender, national origin, disability, sexual orientation, gender identity, protected veteran status, or other characteristics in accordance with the relevant governing laws.

     

    Join the Talent Community

    Interested in working for Wood? Take the first step today by joining our talent community. By joining the community, your chances of matching to the right role are increased, as our recruiters search the community daily to match open positions with member profiles.

    If you can’t see the perfect role advertised online, the talent community is the best way to keep up to date with job opportunities and events relevant to you.

    Click here to join today!