OT Cybersecurity Senior Professional
One DAC, East Gate,, D, IE
Full Time Senior-level / Expert EUR 57K - 67K
ESB
As a strong, diversified, vertically integrated utility, ESB operates right across the electricity market: from generation, through transmission and distribution to supply.Position Description
The Generation Engineering Department in Engineering and Major Projects is the Centre of Engineering for ESB’s generation businesses and provides consultancy services in generation technology for the generation business. This includes optimising the long-term performance of the Generation Assets through process performance optimisation and portfolio long-term asset management, as well as continuously driving improvements in overhaul management, safety, technical and engineering standards, and the delivery of new power plant projects as part of the ESB Strategy on “Net Zero by 2040”.
To enable and support this, we currently have an opportunity for an OT Cybersecurity Senior Professional to join our Generation Engineering team. The successful candidate will report to the OT Cybersecurity Lead and support ESB in the delivery of Generation projects such as the development of new build zero and low carbon generation assets and renewal of existing assets within ESB’s plant portfolio and for international clients.
Looking for a New Challenge?
The OT Cybersecurity Senior Professional is part of the C&I Team and will report to the OT Cybersecurity Team Lead. The purpose of the role is to support maintaining a strong cyber security posture across the ESB Generation portfolio. It will cover a range of activities in alignment with the generation cybersecurity operating model, the cybersecurity plan, assisting in the assessment, audit, and review process, and existing or emerging vulnerabilities and threats that could impact the Operational Technology environment in the generation business.
Key Responsibilities
Working across diverse types of generation assets and technologies your responsibilities will include, but are not limited to the following:
- Review and stay current on NIS Directive regulations and industry cybersecurity trends.
- Conduct and help identify potential NIS Directive compliance gaps in our industrial control systems, SCADA, DCS, SIS, PLC, and NMS Operational Technology systems and establish mitigation plans.
- Conduct cybersecurity risk assessments and vulnerability assessments of OT systems and networks including review of TVM alerts relevant to installed OT assets, impact, and criticality.
- Collaborate with internal teams and suppliers for the design and deployment of security controls and technologies to safeguard OT assets, including firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools.
- Manage tools like Active Directory, SIEM, Firewall, IDS, Antivirus, Backup etc.
- Stay up to date on emerging threats, vulnerabilities, and technologies in OT cybersecurity and recommend proactive measures to mitigate risks. Conduct regular security assessments and audits of OT systems to ensure compliance with security policies and regulatory requirements.
- Collaborate with IT and OT teams to integrate cybersecurity measures into the design and implementation of new systems and technologies.
- Support Generation NIS Directive compliance work programme. Collaborate with broader Generation IT & CIO teams to embed new processes and procedures into Generation with appropriate governance e.g., NIST, CAF.
- Preparation of documentation in support of audits and compliance with Corporate and/or NIS Directive requirements. Aid interactions with internal audit and external regulatory bodies during audits or other required meetings.
- Work closely with internal teams and vendors to complete reviews and implementation, vulnerability assessments, mitigations & other various cybersecurity-related activities as needed.
- Assist, support, and implement system upgrades including patches, Antivirus, GPO, User Management, security configurations etc. Support carrying out cyber security risk assessments for new or existing OT systems. Provide subject matter expertise in cybersecurity and help broaden the knowledge of other generation O&M teams.
- Make and Manage asset inventory for OT systems. Design, deploy, and manage the operation technology (OT) network infrastructure, including switches, routers, firewalls, and other network devices.
- Provide training and guidance to end-users on OT Cybersecurity, security protocols, and best practices. Support and development of OT cyber security awareness initiatives.
- Assessing the feasibility of OT Cybersecurity projects and providing options and solutions in line with project business cases and risk assessments.
- Provide support to the Operations Technology Cybersecurity Lead. Work with Engineering architects to define appropriate standards and ensure adherence.
- Promoting and leading the safety management culture across all activities by taking ownership and demonstrating a visible commitment to safety in all works/project stages and ensuring compliance with organisational quality procedures.
- Support Generation OT cyber security improvement planning and lead projects to deliver improvement.Support all Generation projects to ensure implementation of security by design.
- Work with central Cybersecurity SOC and other cybersecurity operations specialists in relation to security issues, initiatives, threats, and incidents as required.
Experience
Working as part of this dynamic team, you will always have new challenges and new problems to solve working together is key. You will have the autonomy to choose how best to tackle tasks and solve problems with the support of your colleagues.
Essential
- Have a minimum of 5 years of relevant working experience in the generation sector or a comparable industry in OT Cybersecurity.
- Proven experience in cybersecurity roles, with specific expertise in OT/ICS security.
- In-depth knowledge of industrial control systems, SCADA, DCS, SIS, PLC, and other OT technologies and communication protocols.
- Familiarity with cybersecurity frameworks such as the ISO 27001, NIST Cybersecurity Framework, Cyber Assessment Framework, and IEC/ISA 62443.
- Hands-on experience with tools for Active Directory, SIEM, Firewall, IDS, Antivirus, Backup etc.
- Demonstrated internal and external stakeholder management and project/scope coordination involving multiple stakeholders, contractors or third parties.
- Self-motivated individual with the drive to professionally develop self and others and share knowledge and competencies within a team structure.
- Strong analytical and problem-solving skills, with the ability to assess complex systems and identify security risks.
- Ability to work independently and in a team environment to pinpoint root causes and devise solutions with minimal oversight.
- Well-versed with Health, Safety and Environment Standards and procedures, including Risk Assessment and Method Statement.
- Full clean driving license and flexibility to travel nationally and internationally.
Desirable
- Experience in developing security policies, standards, and procedures.
- Familiarity with threat intelligence, vulnerability assessment, Identity management, and incident response.
Qualifications
Essential
- The candidate will hold a 3rd-level qualification or equivalent in engineering or equivalent with experience in OT and C&I technologies, projects and practices.
Desirable
- Preferable certifications in ISA 62443 Expert, CCNP, ICS-CERT, or SANS etc.
- OEM Certified training on the control systems and safety systems.
- Demonstrated active engagement with engineering institutions or professional societies for embedding good engineering and industrial cybersecurity practice in projects and work practices.
Location
The position is based at either Dublin One DAC or Eastgate Offices and will involve occasional travel. Tailored working arrangements will be considered with the operational requirements of the role and in alignment with the ESB SMART Working model and C&I Team Charter
Reporting to
OT Cybersecurity Team Lead
Why Work with Us?
- Opportunity to lead Ireland’s transition to net zero carbon future
- Progressive, hybrid working model
- Career development through mentoring and training
- Corporate Social Responsibility Opportunities
- Sports and Social Clubs
- Networking opportunities
- Credit Union
- Generous Pension
- Access to staff well-being programmes
- Generous parental leave entitlements
- Strong values-based and inclusive culture
- Strong commitment to diversity, equity and inclusion
- Great team environment working to our Core Values: Courageous, Caring, Driven and Trusted
Salary
€57,000 - €67,000
Closing Date
13th November 2024
Note: Applicants who anticipate requiring assistance or reasonable accommodations for any part of the application or interview process may contact, in confidence, recruitment@esb.ie
If you have any queries in relation to this job, please contact recruitment@esb.ie
Your application will be held in reserve for 6 months should you be suitable for the role.
Tags: Active Directory Antivirus Audits C CCNP CERT Compliance Encryption Firewalls Governance ICS IDS Incident response Industrial Intrusion detection ISO 27001 NIST Risk assessment SANS SCADA Security assessment SIEM SOC Strategy Threat intelligence Vulnerabilities
Perks/benefits: Career development Equity / stock options Parental leave
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.