Cyber Security Engineer
Our client is a leading developer of controls and instrumentation used across maritime defence applications. They are looking to hire a Product Cyber Security Engineer into their business.
The company offers an excellent benefits and training package. They are also happy to discuss flexible working arrangements.
You will work on an innovative industrial controls system (ICS) to ensure the generation, design, implementation and verification of Information Assurance and Cyber Security requirements. The candidate will be expected to be hands on, working from abstract requirements through to detailed design and into implementation and test verification.
In verification they will lead on specifying detailed test criteria by operating closely with the implementation team and will be expected to be able to conduct a significant degree of the formal technical testing themselves in addition to the production of high-quality reports.
This role sits alongside others being provided by the mechanical and electrical, architecture, and network and communications teams, whilst working to the primary Control Systems team which is responsible for security functionality and outcomes; excellent technical and communications skills are a pre-requisite.
Essential qualifications / experience:
- A demonstrable track-record of successful Information Assurance / Product Cyber Security work;
- A broad information assurance mind-set, able to assimilate and consider issues from the technical, process and business perspective, supported by a pragmatic attitude to the implementation of security within a defence environment;
- A sound understanding of the procedures required to identify, quantify and address information assurance or cyber vulnerabilities within a product, project and organisation;
- Experience of the development and implementation of appropriate risk mitigation plans, policies, processes and technical controls;
- Excellent communication skills, both written and oral;
- Experience with formal accreditation processes, e.g. JSP440, HMG IS1/2;
- Experience in the conduct of Vulnerability Testing and reporting;
- Experience of cyber / technical security within an Industrial Control environment, regardless of Industry Sector;
- Formal and relevant qualifications, such as: CISSP, NCSC Certified MSc
- Maritime Industrial Control Systems
- Knowledge of IEC/ISA 62443 standards and their implementation in Industrial Control Systems, MITRE ATT&CK & ATT&CK ICS
- Varied knowledge of manufacturers equipment's, technology and controls system applications for Industrial Control Systems implementation
- Communication and networking systems used in Industrial Control Systems networks controlling plant and machinery
- Experience with vulnerability scanning tools such as Nessus
- Ethical Hacking testing certification
- Requirements management, interface control documents, and writing policy, procedures and instructions
- MOD Accreditation Process
The recruiter has stated that all applicants for this job should be able to prove they are legally entitled to work in the UK. Carbon60 is a trading name of Carbon60 Limited an Employment Business/Agency.
your application has been submitted