Senior Cyber Security Engineer - VR/30806

TMM Recruitment are working with a major, multi-national energy organisation based in Westhill to find a Senior Cyber Security Engineer to join their team ASAP on a contract basis until at least November 2025 (with the potential of being extended and going staff). The company is only considering PAYE contractors.

Main duties and responsibilities

• Implementing Critical Requirements: Ensuring compliance with CR GR SSI 001, CR GR SSI 023, GS EP INS 135, and L2-OPS-17-001 across all assets.
• Incident Management: Reviewing, investigating, mitigating, and resolving cybersecurity incidents, anomalies, and threats promptly.
• Cyber Security Road Map: Assisting in delivering key activities and act as a delegate for the Lead Cyber Security Engineer during absences.
• Risk Analysis: Participating in asset cyber risk analysis and develop procedures and documentation for cybersecurity management.
• Compliance: Ensuring stakeholders comply with cybersecurity requirements and carry out UK government cybersecurity self-assessment reports.
• Solution Support: Rolling out HQ security solutions, including administration and troubleshooting.
• Audits: Conducting site audits, recommend improvements, and track actions to completion.
• Vulnerability Management: Managing the industrial cybersecurity vulnerability process and ensure timely patching.
• Training: Developing and maintaining industrial cybersecurity training materials and competence procedures.
• Emergency Response: Creating and maintaining cyber emergency and incident response plans.
• Project Involvement: Ensuring cybersecurity requirements are captured in new projects and modifications.
• Culture Promotion: Promoting a positive cybersecurity culture and participate in annual events and presentations.
• Innovation: Supporting the design and rollout of safer architecture solutions and stay updated on emerging technologies.
• Reporting: Producing reports to monitor cybersecurity progress and communicate findings to stakeholders.
• Vendor Coordination: Coordinating with third parties and vendors during cybersecurity incidents and carry out post-incident investigations.

Applicants to this role require

• Education: Relevant degree in Instrumentation and Controls, Computer Science, or Cyber Security.
• Knowledge: Understanding of offshore operations, project management, and UK industry regulations.
• Expertise: In-depth understanding of IEC/ISA 62443 and OG-86.
• Management Skills: Experience managing contractors, vendors, and service providers.
• Communication: Effective communicator, both written and verbal.
• Relationship Building: Strong relationship-building skills at all levels - internally and externally.

Critical Contacts

• Onshore: Cybersecurity Manager, Lead Cybersecurity Engineer, Technical Services leadership team, Asset Directors and Field Operations management and engineering teams, IDP Director, IDP Managers.
• Offshore: Site Cybersecurity Responsible Person (SCRP), Asset Systems Engineers, Lead Instrument Technicians and Telecom Technicians.
• External: third party vendors.
• Headquarters: Branch Cyber Security Officers (B-ICSO and B-ECSO), Global Cybersecurity Officers (G-ISCO and G-ECSO), CERT.