Cyber Security Engineer - FPS - Grangemouth

All - IT
Ref: 1308 Date Posted: Saturday 04 Jun 2022
LinkedIn ShareShare

Cyber Security Engineer


Location        

Grangemouth

 

background

FPS is a 100% INEOS-owned integrated oil and gas liquid transportation and processing system with a nominal capacity in excess of one million barrels per day serving the central area of the North Sea.

 

Oil and gas liquids from over 50 offshore fields and St Fergus flow through pipelines into FPS. FPS transports crude oil and gas liquids from offshore and onshore entry points, processes the liquids at Kinneil and redelivers to the customer Forties Blend crude oil at Hound Point and either Raw Gas or fractionated Gas Products at Grangemouth

job purpose

Reporting to the Cyber Security Technical Authority, the post holder will join the FPS Automation and Control supporting the whole of the FPS asset based organisation. The role will perform IT security monitoring, analysis and reporting to ensure that Ineos FPS meets our critical compliance requirements. The role will contribute to and maintain IT Security procedures, standards and guidelines based on knowledge of best practices and compliance requirements. The role will provide an opportunity to develop and work across all aspects of security with support to gain GIAC & full Cisco certification working towards fully chartered status.

principle accountabilities

  • Cyber security Goverence  
    • Drive the security gap and compliance program
    • Develop in-depth knowledge of OT vulnerabilities and exploitation techniques
    • Develop an in-depth knowledge of security best practices; compliance with UK and International security standards and best practice
  • Protection systems
    • Maintain and manage upgrades of Intrusion detection and prevention systems
    • Manage Control Network & Firewall management and maintenance program -
    • Maintain Active directory and access systems – Responsible for the domain administration
    • Implement Data security procedures and check systems compliance
    • Help maintain Microsoft patch distribution and update systems, end point protection and white listing.
  • Monitoring and Alert system Implementation and management
    • Maintain and develop monitoring and alert systems (SIEM)
    • Conduct log-based and end point threat hunting projects to identify threats and provide the business with solutions and remediation strategies
    • Develop innovative, automated, monitoring and reporting solutions to detect and report anomalous behaviour across the OT environment
    • Take a lead role with Response and Recovery
  • Response and Recovery
    • Help manage & test emergency response capability across all parts of the business

special features

  • This role provides support for all assets within Ineos FPS
  • Occasional travel to our Aberdeen based and offshore assets required in line with Incident response and disaster recovery exercise
  • The role will also require the individual to be an active member of CiSP and attend security conferences when required.

qualifications and technical experience

  • Bachelor degree in IT (Computing Science or Software Engineering)  
  • Security related qualifications CISSP, CISA/M, SANS GIAC or equivalent industry experience (desirable)
  • Exposure to or knowledge of NIST Cyber Security Framework (desirable)
  • Exposure to or knowledge of IEC 62433 (desirable)
  • Self-starter, with strong team-working, influencing, communication and other interpersonal skills
  • Demonstrates bias for action
  • Driven to attain goals and pursue excellence
  • Ability to communicate effectively across a range of organisational levels
  • A logical, proactive and methodical approach to problem solving.
  • The ability to recognise key issues and who needs to know about them
  • Disciplined planning and organisational skills together with the ability to perform under pressure.

how to apply

Please register and submit your application via INEOS Opportunities https://www.ineosopportunities.co.uk/

Please note applications not received via this method cannot be considered for interview.