Cyber Security Engineer

• Cyber security technical design and security assurance plan.
• Design and configure Cyber security functionality according to customer security requirements, and GE Grid policies and industry standards and best practices.
• Carry out risk assessments and develop remediation and risk treatment plans.
• Apply the customer and industry security standards to the projects engineering design, and directly engage the Cyber security discussions with customer and stakeholder teams.
• Carry out research into latest security threats intelligence and protection techniques.
• Create quality Cyber security engineering documentation.
• Configure authentication, endpoint protection, security logging, backup and recovery tools.
• Configure the network and security devices, layer 2, layer 3, ACL, IDS.
• Produce operational technology vulnerability bulletins for customers.
• Develop mitigation plans for applying security patches and participate in incident response.
• Develop security testing plans for Factory and Site Acceptance Testing (FAT/SAT).
• Carry out security system unit and integration testing in the test environment.
• Develop plans for remediation after evaluating the test results.
• Participate in security events and incident response and root cause failure analysis.
• Support the control system engineering tasks, SCADA systems and database configurations, upgrades and modifications and testing.

Do you have experience in Unit testing?, Do you have a Master's degree?, * Bachelor's or master's degree in engineering or computer science.

• ISA/IEC 62443 qualification.
• Other Cyber and information security certifications such as CISSP, CISM.
• Knowledge of Cyber and information security standards and frameworks, ISA/IEC 62443, BDEW, ISO/IEC 27001, 27002, 27019, NIST framework and publications, NIS Directive.
• Experience on OT Cyber Security design and implementation for Industrial Automation Systems and Data Center with functional knowledge on (Access Control , Antimalware Management, Backup and recovery, Security log management, Patch Management, System hardening, network segmentation and perimeter security)
• Knowledge on Cyber Security Solution and tools ( Firewall, routers, IDS , McAfee EPO etc., WSUS, Active Directory, LDAP,RADIUS, B&R Solutions Paragon, Acronis etc. Syslog managers and SIEM)
• Knowledge of Industrial communication protocols (Modbus RTU, Modbus TCP, Profibus, OPC, IEC61850, IEC60870-5-101104 ,DNP3)
• Knowledge and practical skills in applying security knowledgebase and standards, systems secure configuration and hardening, Centre for Internet Security (CIS) benchmarks, OWASP top 10 and Application Security Verification Standard (ASVS).
• Knowledge of industrial protocols and standards, IEC 60870, IEC 61850, IEC 62351.
• Experience of Electrical industry, grid automation, or similar role.

Characteristics

• Team player and hands-on approach to ensure project success.
• Self-motivating, proactive and results driven.
• Curious, resilient, and willing to learn.
• Flexibility, able to work to high pressure deadlines with high quality delivery.
• Building good customer and stakeholder relationships, travel to GE and customer sites.
• Strong problem-solving and root cause identification skills.