Offered Salary 1000
Experience 4 Years
Job Description Summary
Job Description Summary
You will be part of a team that defines the substation LAN Networks and ensures Cybersecurity compliance for the HVDC Substation Automation Systems. You will be working on a number of large global projects involving several stakeholders and knowledge of various cybersecurity standards is essential.
Main duties and responsibilities will include.
Being able to develop cybersecure network architectures primarily based on the principles set out in IEC 62443-3-3.
Act as the point of contact for all matters related to cybersecurity in a project environment. This includes evaluating the solutions of various 3rd party suppliers which interface to the control system.
Support Tendering teams during the bidding process for any cybersecurity related requirements from various customers. Knowledge of a range of Cybersecurity regulations such as EU NIS,NERC and BDES is essential
Producing Network Diagrams detailing the high-level LAN topology, redundancy and networking equipment used.
Ensures the Secure Deployment Guides for the HVDC Control System and 3rd party system interfaces are adhered to.
Ensures the Security Assurance Plans are followed by all relevant project stakeholders during the complete project duration.
Support the design of LAN networks and Communication Architectures of the HVDC Control System from concept to commissioning.
Define IP address strategies for the complete control system.
Able to configure Operator Workstations in a substation environment including Network Interface Cards, set up active directories , disable services etc
Share engineering information and promote open dialogue.
Ensure documentation of technical data generated for the assigned projects and/or tasks is inline with engineering policies and procedures.
Being able to map requirements between different cybersecurity standards
Being able to analyze and evaluate different cybersecurity solutions
Being able to justify solution/analysis/evaluation in front of a Customer and technical audience
Being able to build functional architecture from ground up (DMZ, configuration network)
To be familiar with hardening concept (on computers, switches, routers and IEDs)
Knowledge of the process for monitoring vulnerability publications
To be familiar with patch management process to correct vulnerabilities published
Knowledge of documentation to be provided with the associated level of confidentiality
Lead Cybersecurity Engineer requirements.
Knowledge of IEC 62443 standard mainly parts 4-1, 4-2, 3-3 and 2-4.
Familiarity with secure remote access architectures using VPN and PKI technologies.
Knowledge of virtualization platforms such as VMWare / Workstation, PROXMOX
Knowledge of configuring virtual machines using different operating systems, i.e. Windows, Linux.
Knowledge of next generation firewalls such as Fortinet and their configuration
Knowledge of Intrusion Detection Systems such as Nozomi, Radiflow
Knowledge of disaster recovery, patch management, anti-malware tools
Knowledge of snmp and syslog for network monitoring and management
Knowledge of standard cyber topics such as AAA, RBAC and Network Access Control.
Knowledge of industrial protocols (IEC 61850, IEC 101 / 104, MODBUS) and methods to diagnose / debug using Wireshark
Qualification in Communication engineering or related field.
Strong background in configuring Substation LAN’s especially within a IEC61850 environment
Excellent knowledge of commonly used Layer2&3 protocols such as Ipv4,OSPF,LACP,DMZ,VPN
Knowledge of Network Security/Hardening and Cybersecurity best practices.
Experience with one of REASON,Westermo,Meinberg products is advantageous.
Strong background in Distributed Control Systems / Substation Automation
Relocation Assistance Provided: No