Arbetsbeskrivning

OT Cyber Security Engineer – Substation Automation

Key Responsibilities:

1. Security Audits

• Identify vulnerabilities in IEC 61850-based communication, RTUs, IEDs, and SCADA networks.
• Assist to perform penetration testing and red teaming for substation control environments.
• Perform technical audits of SCADA devices and networks, and any other connected networks, to identify security concerns.
• Evaluate security compliance with NERC CIP, IEC 62443, and IEEE standards.
• Support Global Projects by adapting HVDC Cyber security for SCADA & HMI.

2. Security Implementation & Architecture

• Design and implement segmented network architectures for substations (firewalls, DMZs, VLANs).
• Secure IEC 61850 protocols (GOOSE, MMS, SMV) to prevent cyber-attacks.
• Deploy Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM), and Endpoint Protection for OT environments.
• Harden SCADA servers, HMIs, and substation gateways against cyber threats.
• Develop architecture & functional descriptions for Functions / Solutions for future HVDC in cyber security technologies.
• Evaluate and strengthen the security of any connections to the SCADA network.
• Monitor and Validate third party security patches to ensure that reliability of the system is maintained.
• Implement the security features provided by device and system vendors.

3. Incident Response & Threat Management

• Develop and test Incident Response Plans (IRP) for cyber events in substations.
• Monitor threat intelligence and assess the impact of cyber threats on energy transmission systems.
• Assist in forensic investigations of cybersecurity incidents in substations.
• Implement Zero Trust Architecture (ZTA) and role-based access control (RBAC) in substation networks.

4. Compliance & Regulatory Alignment

• Ensure compliance with NERC CIP (Critical Infrastructure Protection) for bulk electric systems.
• Align cybersecurity controls with IEC 62443, ISO 27001, and IEEE 1686.
• Assist in audit preparation and regulatory reporting for utilities and power grid operators.

5. Collaboration & Stakeholder Engagement

• Work with utility companies, regulators, and vendors to enhance grid cybersecurity.
• Participate in industry working groups (NERC, IEEE, ISA, EPRI) to influence cybersecurity standards.
• Support projects in resolving the issues related to Cyber security Functions.

Required Skills :

Technical Skills

• Deep understanding of substation automation (IEC 61850, DNP3, Modbus, MMS, GOOSE messaging).
• SCADA, RTU, IED, and EMS security expertise.
• Network security (firewalls, IDS/IPS, VPNs, NAC) in OT environments.
• Vulnerability assessment and penetration testing of OT/ICS systems.
• Experience with SIEM, log management, and anomaly detection tools.