Lead Network & Cybersecurity Engineer

Stafford, Staffordshire
Permanent
Full-time

2 months ago

Job Description Summary Become part of a winning team and help to deliver the Green Energy transition.At GE Grid Solutions we are electrifying the world with advanced grid technologies. As leaders in the energy space our goal is to accelerate the transition for a more energy efficient grid to full fill the needs of tomorrow. With a focus on growth and sustainability GE Grid Solutions plays a pivotable role in integrating Renewables onto the grid to drive to carbon neutral. In Grid Solutions we help enable the transition for a greener more reliable Grid. GE Grid Solutions has the most advanced and comprehensive product and solutions portfolio within the energy sector.At GE Renewable Energy, our engineers are always up for the challenge - and we’re always driven to find the best solution. Our projects are unique and interesting, and you’ll need to bring a solution-focused, positive approach to each one to do your best. Surrounded by committed, loyal colleagues, if you can dare to bring your ingenuity and desire to make an impact, you’ll be exposed to game-changing, diverse projects that truly allow you to play your part in the energy transition.What we offer:
Working in an iFamiliarity with secure remote access architectures using VPN and PKI technologies International team which is part of global Engineering HVDC Centre of Excellence within Grid Integration based in Stafford.A key role in a dynamic, international working environment with a large degree of flexibility of work agreements, you will be part of a team that defines the substation LAN Networks and ensures Cybersecurity compliance for the HVDC Substation Automation Systems.You will be working on several large global projects involving several stakeholders and knowledge of various cybersecurity standards is essential.Lead the design of secure networks and Communication Architectures of the HVDC Control System from concept to commissioning based on the principles set out in IEC 62443-3-3.Job DescriptionResponsibilities:

Lead the design of secure networks and Communication Architectures of the HVDC Control System from concept to commissioning based on the principles set out in IEC 62443-3-3.
Act as the point of contact for all matters related to cybersecurity and networking in a project environment. This includes evaluating the solutions of various 3rd party suppliers which interface to the control system.
Support Tendering teams during the bidding process for any cybersecurity and networking related requirements from various customers. Knowledge of a range of Cybersecurity regulations such as EU NIS, NERC and BDES is essential.
Ensures the Secure Deployment Guides for the HVDC Control System and 3rd party system interfaces are adhered to.
Ensures the Security Assurance Plans are followed by all relevant project stakeholders during the complete project duration.
Define IP address strategies for the complete control system.

Able to perform hardening in a substation environment.
Share engineering information and promote open dialogue.
Ensure documentation of technical data generated for the assigned projects and/or tasks is in line with engineering policies and procedures.
Assist site activities relevant to the installation and commissioning of the control system LAN network.
Oversee the testing and FAT witnessing of the Control System.
Lead Network & Cybersecurity Engineer requirements.
Lead the design, configuration and testing required to deliver on time and within defined budgets.
Follow the department’s standard design practices, engineering reviews and guidelines.

Role Requirements:

To be familiar with the patch management process to correct vulnerabilities published.
Being able to map requirements between different cybersecurity standards.

Ability to:

Analyse and evaluate different cybersecurity and networking solutions.
Justify solution / analysis / evaluation in front of a customer and technical audience.
Build functional infrastructure from the ground up (Networking, virtualization, and server operating system configuration).

Knowledge of:

The process for monitoring vulnerability publications.
Documentation to be provided with the associated level of confidentiality.
IEC 62443 standard, mainly parts 4-1, 4-2, 3-3 and 2-4.
Virtualization platforms such as VMware, HyperV and Proxmox.
industrial protocols (IEC 61850, IEC 101 / 104, PTP, OPC UA, DNP3, Modbus TCP/IP) and methods to diagnose / debug using Wireshark.
Configuring server operating systems, i.e. Windows Server.
Configuring next generation firewalls such as Fortinet.
Intrusion Detection Systems such as Nozomi, Radiflow.
Anti-malware, patch management and disaster recovery tools.
Network monitoring and management.
Standard cyber topics such as VPN technologies, Secure Network Access, Endpoint Security, and Network Infrastructure Protection.

Qualifications & Experience:

Degree level Qualification in Communication engineering or related field.
Advanced background in Distributed Control Systems / Substation Automation.
An excellent background in designing and configuring Substation LAN’s especially within an IEC61850 environment.
Knowledge of Network Security / Hardening and Cybersecurity best practices.
Excellent knowledge of commonly used protocols such as OSPF, VRRP, LACP, SNMP, SSH, SFTP.
Knowledge of industrial protocols (IEC 61850, IEC 101 / 104, PTP, OPC UA, DNP3, Modbus TCP/IP) and methods to diagnose / debug using Wireshark.
Standard cyber topics such as VPN technologies, Secure Network Access, Endpoint Security, and Network Infrastructure Protection.
Experience with one of GE Reason, Westermo, Meinberg products is advantageous.

Additional InformationRelocation Assistance Provided: No

GE Vernova

Apply Now