Cyber Security Engineer

Cyber Security Engineer We are seeking a highly skilled and experienced Cyber Security Engineer to manage and enhance our IT, Operational Technology (OT), and Internet of Things (IoT) security infrastructure. The ideal candidate will be responsible for protecting our systems against cyber threats, ensuring the confidentiality, integrity, and availability of all data and services. The role also involves designing IT security systems based on technical diagrams provided by IT consultants, collaborating with an external security system integrators for IT, OT, and IoT network design, and coordinating with vendors for the end‑to‑end implementation of the security network. The successful candidate will liaise closely with the IT Project Manager, providing regular updates on project progress, milestones, and activities. Responsibilities - Develop and implement comprehensive cybersecurity strategies for IT, OT, and IoT environments. - Design and deploy security solutions and technologies to protect IT, OT, and IoT systems. - Conduct risk assessments and vulnerability analyses to identify and mitigate potential security threats. - Design and implement a Cybersecurity Incident Response Plan, including detailed response playbooks. - Conduct audits to identify security violations, vulnerabilities, or process gaps. - Implement robust security controls aligned with organisational and regulatory standards. - Upgrade networks and systems to adhere to industry best practices and evolving cybersecurity frameworks. - Research, test, and implement advanced security technologies to strengthen Metal Park’s cyber resilience. - Develop and maintain firewalls and other security barriers within the network infrastructure to prevent unauthorised access. - Manage and monitor security tools and technologies, including firewalls, intrusion detection systems, and anti‑virus software. - Implement and manage access control systems and identity management solutions. - Perform regular security assessments, penetration testing, and security reviews of IT, OT, and IoT systems. - Develop and implement security measures specific to IoT devices and networks. - Ensure secure deployment and management of IoT devices, including firmware updates and patch management. - Assess and mitigate risks associated with IoT devices and their integration with IT and OT systems. - Develop and maintain incident response plans for IT, OT, and IoT environments, and lead incident response efforts, coordinating with teams to mitigate breaches and report incidents to the IT Project Leader. - Conduct regular vulnerability assessments and penetration testing; prioritise and remediate vulnerabilities, ensuring timely patching and configuration updates. - Stay current with cybersecurity regulations, standards, and best practices relevant to IT, OT, and IoT, ensuring compliance with NIST, IEC 62443, and internal security policies. - Provide cybersecurity awareness training to employees, members, and third‑party vendors, fostering a culture of cybersecurity awareness. - Collaborate with IT, OT, and IoT teams, and external vendors to implement and support security solutions, and communicate risks and recommendations to non‑technical stakeholders. Key IoT Security Principles - Defence in Depth – implement multiple layers of security controls across the IoT ecosystem. - Zero Trust Architecture – never trust, always verify; authenticate and authorise all IoT communications. - Least Privilege – grant only the minimum necessary permissions to IoT devices and users. - Secure Defaults – configure IoT devices with security‑first default settings. - Implement secure boot processes to prevent firmware tampering. - Use Hardware Security Modules (HSMs) or trusted execution environments where feasible. - Regularly update device firmware and apply security patches. - Implement strong authentication mechanisms for device and user access. - Use encryption for data at rest and data in transit. - Segment IoT networks from corporate networks to reduce attack surfaces. - Monitor all IoT traffic for anomalies and potential threats. - Implement Network Access Control (NAC) for all IoT devices. - Use VPNs or secure tunnelling protocols for remote IoT access. - Conduct regular security assessments and penetration testing of IoT systems. - Implement endpoint security solutions to safeguard IT and OT devices, including computers and endpoints. Qualifications - Bachelor’s or Master’s Degree in engineering or a related field. - Minimum 5+ years of work‑relevant experience in cybersecurity. - Proven experience implementing and maintaining controls aligned with ISO 27001 and managing an Information Security Management System (ISMS). - Demonstrated ability to support ISO 27001 audits, certification processes, and continuous improvement cycles. - Strong understanding of ISO 27001 clauses, Annex A controls, and risk treatment methodologies. - Experience with SIEM integration and optimizing log backup and restore. - Expert knowledge in NIST and ISA 62443. - Hands‑on experience deploying security protections (e.g., WAF, IDS/IPS, EDR, endpoint security). - Skilled in using security tools for vulnerability assessments (API, Web, Mobile). - Good knowledge of OWASP Top 10 and SANS. - Passionate about cyber security trends and technology. - Strong analytical skills, creative and critical thinking abilities. - Preferably, training or certifications in ISA 62443, CISSP, GIAC, IC‑CERT, or SANS. - Global Industrial Cyber Security Professional (GICSP) certification is advantageous. Seniority level Mid‑Senior level Employment type Full‑time Job function Information Technology Industries Metal Treatments #J-18808-Ljbffr