پوسٹڈ ان: انجینئرنگ انرر یونائیٹڈ کنگڈم | پوسٹ شدہ: |
The Cyber Security unit is accountable and responsible for safeguarding our company's critical infrastructure, intellectual property, and customer data against evolving cyber threats, ensuring no interruption to operations. We take a proactive approach to building, deploying, and operating our Cyber capabilities to fortify our defenses, employing innovative and cutting-edge cyber technologies. Our duties span cyber threat management, real-time attack detection and prevention, and swift remediation, integrated with advanced artificial intelligence and machine learning. Additionally, we leverage Cyber DevOps automations to facilitate rapid deployment and threat mitigation, ensuring the resilience of our Operational Technology (OT), IT, and digital infrastructure in the face of emerging challenges.
We are responsible for defining and setting the Cyber framework and Security compliance policies across the company, including the development of robust Business continuity plans, disaster recovery, and critical management plans to ensure the resilience of our operations in the face of cyber threats and other emergencies.
Key Competencies
Technical
Significant experience in Cyber Security engineering and delivery with a broad understanding of OT and IT services
Subject matter expertise in Cyber Security for protecting IT, OT, and IP networks, including IPSec VPNs, Firewalls, SIEM, IPS/IDS, AV/EDR solutions, LDAP/AD, etc.
Expertise in Privileged Access Management and related tools
High level of expertise in Vulnerability and Compliance Management; DDOS protection
Hands-on experience in Cyber Security engineering and design of cloud solutions (such as AWS, Azure, etc.), including open-source tools, DevOps, and automation capabilities to enhance cyber defense (such as Zabbix, ELK, Grafana, Netbox, Netmiko, Ansible, Alienvault, OpenVas, etc.)
Professional-level knowledge in public clouds, such as AWS security services and architectures. Extensive knowledge of Private Clouds and related transferable skills are highly desirable.
Non-Technical
Ability to collaborate effectively with others to drive forward key security objectives and goals
Strong communication skills, including presentation and documentation writing (for both technical and business audiences)
An aptitude for autonomous learning as required by business demands
Proven track record of problem-solving abilities
Assertiveness and the ability to drive through change, complex projects, and transformations
Excellent teamwork skills, including the ability to work effectively within a geographically disparate team (nationally and internationallyDesirable but not essential:
Knowledge of policy frameworks and understanding of policies, procedures, guideline structure, and regulatory landscapes, such as NERC CIP, NIST, NIS2, GDPR, EPCIP, etc.
Virtualization technology, including containerization (e.g., Docker, Kubernetes, Linux, etc.)
Host-based security products (threat detection, mitigations, end-user detection and response, micro-segmentation, zero trust)
Experience working within an ITIL environment or structured platform management, particularly change and incident management
Professional certifications, e.g., CISSP, CISM, CCNP, CCIE, AWS Certified Security, etc.
Key Accountabilities
Technical
Design lead for end-to-end cyber capabilities for operational technology (OT) and Information Technology (IT), as per Cyber goals and company's strategy
Technical leadership and subject matter expertise in Cyber Security
Design security capabilities and tools for new infrastructure & digital deployments, and the existing ones
Design and dynamically readjust cyber capabilities based on the cyber threat landscape
Support to set, and potentially lead NOC/SOC operational team
Lead Cyber incident response, conduct post-incident reviews (PIRs), root-cause-analysis (RCAs), and deploy mitigating solutions. Report on Cyber incidents and manage related action plans
Proactive capacity management of the cyber platforms to ensure sufficient capacity is available at any time
Design Cyber solutions that are well-integrated with the IT and OT platforms
Data design for Cyber logs, reports, and incidents to align with the digitization strategy, intertwined with AI and ML
Knowledge and experience of agile and DevOps methodologies
Own development and implementation of policies and procedures, including operational cyber defense processes
Provide cyber 2nd and 3rd line support as required to maintain service availability during cyber incidents
Strategic
Work as part of the wider team to drive automation and data mining, as per cyber goals and wider strategy, to support the company's digitization transformation
Put in place and drive the cyber roadmap for platform development and threat mitigation, aligned with the unit's cyber vision and strategy
Continually develop professional cyber skills and awareness, remaining ahead of cyber attacks
Lead on a number of complex technical deliverables ensuring work is completed on time and within budget
Work and deliver under general direction within a clear framework of accountability
Assume substantial personal responsibilities and autonomy
Plan own work, engage stakeholders, and work with teams in the business to deliver on commitments
Become a recognized expert in Cyber technologies
GCS is acting as an Employment Agency in relation to this vacancy
