Security Operation Center Transition Manager
Job Type | Contract |
Area | City of London, England |
Sector | Consultancy / IT |
Salary | GBP 600 - 700 Day Rate |
Start Date | ASAP |
Advertiser | Asher Courtney |
Job Ref | 25536 |
Job Views | 105 |
- Description
- £600 - 700 per day (Inside IR35) - Aberdeen (hybrid)
My client is currently hiring a Senior Operational Technology (OT) Control Systems IT Security Consultant to work on a Capital Project in an Industrial Automated Control Systems (IACS) IT Security environment in Aberdeen. This is a hybrid role which offers cross-business exposure and requires a deep understanding of the relevant engineering disciplines (PACO, IT systems engineering and data networking), technical HSSE, project engineering techniques, coupled with a strong set of business analysis skills.
In the Capital Project, the purpose of the Control Systems IT Security Consultant role is to deliver an end-to-end security solution, including the design and implementation of systems that enable the interoperability between the Office and the control systems during the OPERATE phase.
The candidate will execute the following activities:
• Develop and define the OT Security requirements for individual Capital Projects, ensuring that the associated specifications are included in the appropriate contract documentation and include all information required at handover for Operate.
• Manage OT Security scope in line with the contracting agreements defined for the project.
• Ensure DCAF deliverables are of good quality for the review and assurance process.
• Act as a senior project resource for both local OT Security projects/discretionary work and global OT Security projects as demand requires.
• Provide subject matter expertise on OT Security systems, networks, and OT/IACS system design to projects including architecture, risk assessment, and implementation phases.
• Operate the OT Security controls focusing on patching, anti-virus, backup & restore, and asset inventory controls as part of Project activities and ensure that Contractors have appropriate process, procedures, and controls to ensure that their workforce and their subcontractors/vendors also comply with the COMPANY security policy.
• Ensure FAT and SAT testing is sufficient to test and verify the functionality requirements in line with the project specification.
• Ensure commissioning plan and quality of inspection test records meet the functional requirements of the specification and the handover requirements for the COMPANY operational support teams.
• Ensure project execution team build and maintain an asset inventory and logical network drawings of Process Control Systems components documenting Process Control Systems, network traffic, and data interfaces.
• Ensure project execution strategy includes an option to complete the early deployment, commissioning, and handover of Facility OT Security infrastructure to enable secure traffic flow and remote access to the Facility Process Control Systems during commissioning and pre-start up.
• Design and implement data communication channels and technology selections for data transfers between systems.
• Develop, maintain, and execute any site-specific procedures required to maintain Process Control Systems Security compliance.
• Have an overview of security measures implemented and documented non-compliance to Information Security and OT Security requirements.
• Networking design and deploy backup system configuration for servers and network equipment and ensure backups are stored securely.
• Implement change management procedures and testing procedures for network and endpoint Security and ensure endorsement from business.
• Design, implement, and review firewall rules in line with Shell’s OT Security best practices.
• Embed OT Security best practices and raise OT Security awareness.
• Demonstrate problem solving, critical thinking and logical structuring skills.
• Gain quick understanding of international/Shell OT Security standards and translate them into specifications documents and controls that will be implemented in projects.
EXPERIENCE AND QUALIFICATIONS REQUIRED
• Minimum Experience: 10+ years implementing and managing IT Security within an operating environment.
• Minimum Education or Certification: 4-year Degree related to IT or relevant certifications.
• Understanding of Capital Project realization process and assurance framework.
• Minimum of 4-year experience in DEFINE and EXECUTE phases of Capital Projects.
• Understanding of Capital Project contract and procurement process and procedures.
• Experience in project testing, commissioning, and handover process.
• A strong understanding of international OT Security standards and ecosystem.
• Local and International travel may also be required to support project-based activities.
• Excellent Communication Skills
• Strong stakeholder management
• Strong technical skills and experience network device configuration (switch, router, firewall) and systems administration (Wintel, Linux)
• Cyber security skills including risk assessment.
• Engineering/PACO experience/certification
COMPETENCE LEVEL
• Project planning and delivery – (Knowledge)
• Agile principles and methodologies – (Awareness)
• Team Working i.e. works well in a team – (Skill)
• Analytical Skills and Problem-Solving capability (Skill)
• Multitasking – ability to conveniently work on multiple activities simultaneously (Skill)
• Communicates well with business staff, i.e. non-IT people.
• Ability to work in a complex and diverse project environment
• Ability to manage issues without impacting interpersonal relationship
• Focused on delivering results
• A good self-starter – pro-active
• Fluent in English