We currently have an exciting position available as Cyber Security Lead based at Hartlepool Power Station.

The Opportunity

We have an opportunity for a practitioner in OT (Operational Technology) cyber security to join the Engineering department to drive plant computing security governance through the implementation of company policy, technical standards and regulatory requirements.

The station uses programmable and configurable microprocessor-based systems for monitoring and control. The security of these systems or devices is important for the continued safe and reliable operation of site processes involved in nuclear power generation, supporting the nation’s critical infrastructure.

This role would suit a candidate who is looking to develop their career and who shows an aptitude for learning and a desire to become a subject matter expert and a source of technical expertise, supporting different teams with their security governance compliance.

Pay, benefits and culture

We can offer a competitive salary from £54,391 with terms and conditions covered by the EDF Nuclear Generation Company Agreement. You’ll be appointed based on the parameters outlined in the Company Agreement as well as your existing salary, competence, experience and qualifications. This is a full-time position; however, we will be happy to discuss options regarding part time flexibility and job share if you would like to highlight this on your application.

At EDF, everyone’s welcome. We strive to create an inclusive and diverse environment where everyone has a voice and where you feel confident being yourself. We’re committed to equality, diversity and inclusion. We’d like our future workforce to have an equal gender balance, represent a broad mix of people from minority ethnic backgrounds, LGBTQ+, those with a disability and supporting social mobility. We’re a disability confident employer and we’ll do all we can to help with your application, making adjustments as you need.

We’ll value the difference you bring and offer opportunities for you to thrive and succeed.

What you’ll be doing

Reporting to the Group Head responsible for plant computing, you can expect to use your skills and experience to:

• Ensure that cyber security risks to OT assets are captured through a continual risk management process, working with system owners to actively manage residual risks.
• Maintain the station asset inventory and risk register to track actions and report progress.
• Carry out malware checks in line with established procedures.
• Administer computer-based security and monitoring systems.
• Carry out software or configuration backups of IT and OT equipment ranging in age.
• Participate in cyber incident response planning, exercising and digital forensic investigation.
• Ensure station documentation and network diagrams are maintained and accurately reflect design and configuration changes for new connections.
• Maintain awareness of current cyber security threats and vulnerabilities facing the industry or station OT assets.
• Provide advice on practical mitigations proportional to the risk.
• Contribute to new initiatives making use of technological developments to improve security and work closely with counterparts within the fleet to share information and experience.
• Produce and communicate learning briefs for user awareness, deliver training as required to educate and improve the security culture at all levels.
• Interface with NCSC and ONR, hosting security inspections as directed by the regulator.
• Handle and appropriately protect sensitive or restricted information.

Who you are

We welcome your application for the role if you have experience in cyber security and how this applies to OT systems in an industrial environment. Applicants should have a relevant HNC or degree qualification and possess the following knowledge and expertise such as:

• An understanding of relevant industry security standards and frameworks such as IEC 62443, ISO 27001 or NIST 800.
• Working knowledge of typical OT plant computing such as ICS, SCADA, DCS, PLC, HMI and smart instruments.
• Experience of both modern and legacy computer systems, with a breadth of hardware and software technical skills. Familiarisation with all types of storage media and digitisation thereof, including EPROM programming.
• An understanding of network security principles, aware of DMZ architecture for securing cross domain communication and know about industrial protocols such as serial, Modbus, OPC and HART. Experience configuring switches, routers and firewalls is advantageous.
• Lead by example demonstrating good digital hygiene practices and be able to assess both standard and unconventional devices for malware.
• A high level of attention to detail and good record keeping.
• Ability to work on your own initiative, build effective relationships with system owners and clearly communicate technical security concepts in simpler terms.
• Hold professional certifications such as CISSP, GICSP or CCNA.
• Hold or be able to attain and maintain SC national security vetting.

This advertisement will close on Sunday November 26th.

Recruiter for this role - paul.mount@edfenergy.com

Join us and together we can help Britain achieve Net Zero.