Wood is currently looking to recruit Senior/Principal Operational Technology (OT) Cyber Security Engineer with a range of skills and experiences in the industrial control system domain.
About Wood Nuclear:
Wood’s nuclear business supports customers in the energy generation, new build, decommissioning and defence sectors.
Our nuclear business has offices in Knutsford and Birchwood in Cheshire, Gloucester, Dorchester, Harwell, Glasgow, Newcastle, Bristol, Cumbria, Reading and London. We also have a strong international presence to support our growing operations in France, Slovakia, Czech Republic, Poland, South Africa and Japan.
Our reputation for safely delivering quality projects on time and on budget is well recognised in the industries we serve. We have proven expertise in managing large, complex projects, a global reach and long-standing UK presence, strong relationships with our clients and cutting-edge processes and technologies.
What that means to you is the opportunity to experience a real variety of projects, working with people from different backgrounds. You’ll work closely with our clients and committed to achieving outstanding results in a stimulating and quality-driven environment.
The ideal candidates would have excellent all-round knowledge of UK nuclear regulatory expectations for cyber security in the industrial control system Operational Technology (OT) and Information Technology (IT) domains.
Reporting to the Project Engineering Manager and potentially forming part of an Integrated Intelligent Client team.
Perform formal and comprehensive application and infrastructure penetration testing assessments, following industry best practices
Provide well-written and concise technical and non-technical reports, prepared to the highest standards of written English
Perform vulnerability assessments and provide findings with remediation action
Support with various client pre-engagement interactions, including scoping activities and proposal drafting
Manage and deliver penetration testing project activities within strict deadlines
Travel to client sites as required
Research application and infrastructure components within the wider team to identify new vulnerabilities and follow responsible disclosure
Take part in a variety of other information security projects as and when required
Must possess knowledge and experience of developing Test Strategies, plans and scripting
Significant cyber security experience in the nuclear domain whilst preferable is not essential.
Whilst the role will be based in the North West of England, a willingness to travel is a distinct advantage.
Responsibilities will include:
Will have responsibility for the preparation and execution of user acceptance testing, ensuring product functionality, which delivers detailed functional specification to Client satisfaction.
Proven industry experience in application and infrastructure penetration testing
Strong understanding of OWASP, PTES and other penetration testing methodologies
Ability to program or script in in a variety of languages
Good understanding of network and OS principles
Solid knowledge of various technologies, including associated security vulnerabilities and exploits
Relevant security qualifications (such as OSCP, CREST CRT, TIGER)
Strong analytical skills
Excellent negotiating and stakeholder management skills
Excellent written and spoken English skills are vital for compiling high-quality reports, adhering to reporting standards such as ISO/IEC 29119-3 or IEEE 829
Degree in Computer Science, Networks, Information Security, or related technical discipline
ISTQB or ISEB Foundation certificate in testing.
ISTQB Advanced or Expert Level Test Manager certificate or ISEB Intermediate/Advanced level Test Manager certificate.
The ideal candidates would have excellent all-round knowledge of UK nuclear regulatory expectations for cyber security in the industrial control system Operational Technology (OT) domain and Information Technology (IT) domains.
Providing oversight and approval of supplier testing in secure cloud environments for proving and production systems
Preparation of acceptance test plans with clearly defined success criteria
Management and execution of end user testing and delivering to success criteria
Working to ITIL Change Management practices
Service transition and cut-over experience in a heavily regulated and complex business environment
Testing of process and procedures as well as technical solutions
Tracking and preparation of testing activities including results, test case coverage, defects, status, performance baselines etc.
Wood is a global leader in the delivery of project, engineering and technical services to energy and industrial markets. We operate in more than 60 countries, employing around 60,000 people, with revenues of over $10 billion. We provide performance-driven solutions throughout the asset life cycle, from concept to decommissioning across a broad range of industrial markets, including the upstream, midstream and downstream oil & gas, power & process, environment and infrastructure, clean energy, mining, nuclear, and general industrial sectors. www.woodplc.com
We are an equal opportunity employer that recognises the value of a diverse workforce. All suitably qualified applicants will receive consideration for employment on the basis of objective criteria and without regard to the following (which is a non-exhaustive list): race, colour, age, religion, gender, national origin, disability, sexual orientation, gender identity, protected veteran status, or other characteristics in accordance with the relevant governing laws.