OT Cyber Security Engineer

OT Cyber Security Engineer

Stone - Staffordshire (travel into the office once per week with the odd customer site visit in the UK)

Permanent

Up to 65k

A leading company in operational technology and digital transformation is seeking an experienced Industrial Control Systems (ICS) Operational Technology (OT) Cyber Security Engineer to join their Service and Support team. The role involves designing and securing OT networks across various critical industries, conducting advanced threat analysis, penetration testing, and vulnerability assessments. The engineer will develop and implement cybersecurity solutions, lead risk mitigation efforts, mentor junior team members, and support project management and business development activities. The position requires travel to the office and customer sites across the UK.

Essential Experience:

• Education & Experience: Bachelor's degree in computer/system science and 5+ years in cybersecurity, with 2+ years in critical infrastructure/ICS environments (e.g., SCADA, PLCs, RTUs).
• Industry Knowledge: Ability to work across sectors such as chemical, water, oil & gas, and energy.

Technical Skills:

• Securing ICS communications protocols (e.g., MODBUS, OPC, DNP3).
• Designing/configuring secure networks (switching, routing, firewalls).
• Securing IT/OT communications and real-time/performance-sensitive systems.
• Documentation: Experience creating Functional Design and Cyber Security Specifications.
• Security Standards: Familiarity with frameworks such as NIST 800-53/800-82, ISO 27001, IEC 62433, NIS-R, etc.
• Stakeholder Management: Proven ability to manage relationships at all levels.
• Customer Focus: Commitment to customer service and performance culture.
• Clearance: Must be eligible for SC (Security Check) clearance.

Desirable Experience:

• Experience in both engineering and non-engineering environments.
• Familiarity with customer satisfaction and retention initiatives.
• Knowledge of Lean and Agile tools (e.g., Microsoft Planner, JIRA, Confluence).
• Involvement in offensive cybersecurity (red teaming, use of tools like Metasploit, Nmap, etc.).
• Experience with physical security assessments aligned with NIS and NPSA standards.
• Expertise in Digital Forensics and Incident Response (DFIR) in industrial environments (e.g., VxWorks, RTOS, Embedded Linux, WinCC, PCS 7).

Benefits:

• 28 days holiday plus bank holidays
• Flexible working, predominantly office based.
• Flexible Pension Scheme
• Life assurance policy
• Private health care
  
  (Rullion is a recruitment agency)

Rullion celebrates and supports diversity and is committed to ensuring equal opportunities for both employees and applicants.