Candidates: Create an Account or Sign In
Candidates: Create an Account or Sign In
Cyber Security Solutions Engineer
Reference Number - 79373
This Cyber Security Solutions Engineer will report to the Cyber Security Architecture Manager and will work within the Information Systems directorate based in our Ipswich office. You will be a permanent employee.
You will attract a salary of £57,600.00 and a bonus of 7.5%. This role can also offer blended working after probationary period (6 months) - 3 days in the office and 2 remote
Close Date: 17/10/2024
We also provide the following additional benefits
25 Days Annual Leave plus bank holidays
Personal Pension Plan - Personal contribution rates of 4% or 5% (UK Power Networks will make a corresponding contribution of 8% or 10%)
Tenancy Loan Deposit scheme
Tax efficient benefits: cycle to work scheme
Season ticket loan
Occupational Health support
DIMENSIONS:
UK Power Networks is expanding its presence in Microsoft Azure and enhancing its on-prem OT Mission Critical Systems. It is necessary that a secure environment is developed for the hosting and management of our critical information assets. We ask that you have a blend of skillsets across cyber security including solution design, configuration, implementation, operation, governance, change management, communications, and the understanding of protecting data in employing the use of relevant encryption standards. The main measure of success is maintaining regulatory compliance and improving the technical and organisational resilience of UKPN concerning the ever-changing cyber threat landscape.
People - work collaboratively in a team of circa 8 permanent and temporary cyber security architecture resources.
Financial - no direct budget responsibility.
Suppliers - regular interaction with 3rd party service providers, specialist technical consultants and cyber security tooling vendors.
Communication - able to communicate technical cyber security concepts to all kinds of colleagues across multiple levels of seniority to facilitate and ensure common understanding of decisions taken across the business.
Stakeholders - establish and maintain collaborative working relationships with internal and external technology teams and third party providers, suppliers, and partners to improve outcomes and create agreement around a course of action.
PRINCIPAL ACCOUNTABILITIES:
Ensure highest standards of safety are applied across all responsibilities.
Implement the cyber security plans, technology roadmaps based on sound cyber security best practices to help implement UK Power Networks Cyber Security Strategy ensuring alignment to the company vision, values, and strategic goals.
Support the Cyber Security Architects, research new security technologies, toolsets, and solutions for both OT and Enterprise on-prem and cloud infrastructures.
Work as an important partner with third party vendors to design and implement proof of concept (PoC) cyber security solutions and evaluate against strict requirements and criteria following UK Power Networks policies and the cyber security technology roadmap.
Evaluate existing cyber security solutions within the enterprise to ensure that they are fit for purpose and that the solutions have been designed and implemented to gain maximum benefit and capability.
Support the Cyber Security Teams at a technical level to install cyber security product technologies and systems, such as firewalls, end point protection, encryption, VPN, SIEM, PAM, VM etc.
Support the Cyber Security Teams to drive effective root cause analysis of cyber security related incidents to ensure prompt action is taken to prevent incident reoccurrence and strengthen relevant cyber security controls.
Provide technical guidance and assurance to the wider information systems teams concerning the implementation of cyber security controls within the specified design principles.
The Information Systems Department works across UK Power Networks, supporting us in the achievement of our vision to become the best performing DNO. The team achieve this through the provision of technology solutions and the optimisation of current solutions to improve how we operate. Continuous improvement, customer service and seamless delivery is at the heart of this ethos and are therefore strongly underpinned by effective cyber security.
You will work with five disciplines within the Cyber Security Team, Enterprise Architecture, Technical Teams, IT Service Providers, Project, Innovation, and partners to implement and improve the security infrastructure, systems, and services.
Qualifications:
Work experience: Experience in cyber security, preferably in a security engineering or a security architecture role. Hands-on experience designing, implementing, and maintaining security solutions for multiple platforms, and using various security technologies and performing security testing and analysis.
Cyber Security Knowledge: An understanding of the principles and standards of cyber security, such as encryption, authentication, authorization, network security, application security, cloud security, and threat intelligence.
Security Solutions Design: Ability to design and implement security solutions that meet the requirements and goals. Analyse the security requirements, identify the security gaps, and propose the best security architectures to address them. Evaluate the costs, benefits, and trade-offs of different security solutions and make recommendations based on the UK Power Networks Policies, Standards and Security Patterns.
Security Tools and Technologies: Proficient in using multiple security technologies, such as firewalls, end point protection, intrusion detection and prevention systems, vulnerability scanners, encryption software, VPNs, and SIEMs. Be able to configure, test, deploy, and troubleshoot these tools and technologies and integrate them with other systems. Monitor and analyse the security logs and alerts generated by these tools and technologies and take appropriate actions.
Cyber Security Frameworks: Working knowledge of Cyber Essentials, ISO27001:2022, CSA Cloud Controls Matrix, NCSC CAF and GDPR, is important to ensure that data is being managed in a compliant manner.
Programming and scripting: Proficient programming and scripting skills to automate security tasks, develop custom security scripts and tools, and perform security testing and analysis. Familiar with some of the common programming and scripting languages used in cyber security, such as Python, PowerShell, Bash, Java, C#, and SQL.
Certifications: Relevant certifications in cyber security, such as CISSP, CISM, CEH, SSCP, or CCSP. Further technical certifications in Microsoft Azure, Networking, Firewall, SIEM, PAM or VM Products are beneficial.
Technical Capabilities: Technical competence in one or more of the following areas: Industrial Protocols (DNP3, ICCP, IEC-61850), IPSec VPN's, Networking, Network Security, RADIUS, MFA, Microsoft/Linux Operating Systems, Virtualization Platforms such as (VMware, Hyper-V, OpenShift), Cloud Security in Azure, PKI and Certificates.
We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace
