Cyber Security Engineer - Bridgwater, Somerset, United Kingdom - Assystem

Description

Job Description Assystem is an international company with one mission: accelerate the energy transition around the world.

Every day, our 6,500 switchers located in 12 countries (Europe, Middle East, Pacific Asia & Africa) connect their six thousand billion neurons to tackle the task of the century: switching to low-carbon energy.

We are a collective committed to the actors who are making the energy switch. Sharing our knowledge, expertise and values allows us to innovate and think differently about the energy transition.

Drawing on more than 55 years' experience in highly regulated sectors subject to strict security and safety requirements, we provide our customers with engineering and project management services, as well as digital services and solutions to optimize the performance of complex infrastructure projects throughout their life cycle.

The Group is currently ranked second in the world for nuclear engineering.
Continuation of the Hinkley Point C (HPC) programme to establish adequate site security arrangements to protect the availability, integrity, and confidentiality of Instrumentation & Control (I&C) systems during site storage, installation, and commissioning activities

The OT Cyber Security Lead will directly report to the Commissioning team but will work under supervision with the HPC Cyber Security & Information Assurance Manager to support the installation and commissioning of I&C plant systems at HPC site.

The role will be site based to help support the wider site security team and commissioning to secure the delivery, storage, installation, and commissioning of I&C systems for the final plant.

OT Cyber Security Lead will help to assure the I&C systems delivered to HPC by key supply chain partners against the HPC OT Cyber Security Guidelines and support the delivery of the HPC OT Cyber security strategy to ensure that the cyber security risks that impact all critical I&C systems during construction are mitigated are protected from malware and integrity is assured.

The OT cyber security lead will be the first point of contact and owner of all aspects of I&C systems cyber security during HPC construction.

The principal activities of the cyber security lead will be:

Support and deliver the OT Commissioning Security Plan to outline the site security arrangements for I&C systems delivered to site in alignment with the I&C Site Security Arrangements Guidance.

This includes but is not limited to specifying rules of access to the rooms with I&C cabinets, rules for the cabinets access, removable media policies and procedures, portable computing devices policies and procedures, asset inventory and management processes and solutions, ongoing security assurance of I&C systems, etc.

Provide additional SME advice to cover the practical rules of cybersecurity if not covered in the OT commissioning Security Plan for example provide guidance for malware checks of OT devices, storage of devices, management of passwords and similar.

Provide cyber security support for the management of the temporary modifications on site with the support of one commissioning engineer
Provide cyber security input to the management of the design changes with the support of a commissioning engineer
Provide cyber security input to the management of the I&C configuration with the support of a commissioning engineer
Develop and deliver procedures to define rules for periodic security check on a regular basis of safety I&C cabinets (centralised or dedicated) during installation and commissioning phase

Perform risk assessments for I&C systems utilising our HPC security risk methodology and provide recommendations on cyber controls to mitigate risks.

Ongoing management of I&C cyber security risks.
Confirming adequacy of site security arrangements by the Suppliers (when different from generic HPC ones) for example for storage on-site, cabinet access, installation processes, etc
Support ongoing assurance of the Supplier's arrangements for IT and OT at HPC during construction, installation and commissioning.

Support TCO security teams in the production of I&C cyber security cases by providing information about site I&C site security arrangements and I&C site assurance activities.

Good understanding of OT Risk Management, Cyber Threats, and Vulnerabilities.
Experience to assure and review Information and Operational Technology systems (e.g. Knowledge of Information security standards (e.g. Knowledge of ICS Cyber Security Standards (e.g. Experience with I&C systems design, commissioning or operation in a nuclear plant environment
CS&IA experience in a large infrastructure project environment
Proven experience within a large project environment
Knowledge of Nuclear Security Regulations and Standards (e.g.

We are committed to equal treatment of candidates and promote, as well as foster all forms of diversity within our company.

Bring your unique contributions and help us shape the future.