Senior Cyber Security Engineer

Full time at Globeleq, Ltd. in South Africa
Posted on May 8, 2024

Job details

Application Deadline: 30 April 2024
Department: IT
Employment Type: Permanent
Location: South Africa
Reporting To: Group Cyber Security Manager

Description

For more than 20 years, Globeleq has been a long-term investor, developer, owner and operator of diversified power projects in Africa, where the company is one of the largest Independent Power Producers. With nearly 1500MW of generation capacity in operation across 16 power plants in 7 countries, 488MW of new power projects in construction and >2,000MW in development, Globeleq is one of the largest independent power producers focused solely on Africa. Globeleq is 70% owned by British International Investment and 30% by Norfund, the development finance institutions of the UK and Norway, and has a proven track record for supporting the ongoing development of the African power sector.

Globeleq’s various generation technologies include gas, wind, solar PV, battery energy storage (BESS), and geothermal. The company is also actively pursuing new opportunities which are emerging from the energy transition, including desalination projects powered by renewables, as well as green hydrogen and ammonia projects.

Globeleq is hiring a Senior Cyber Security Engineer. The main purpose of the role will be to support the Group Cyber Security Manager to develop cyber security strategies, create awareness of cybersecurity, execute against strategic and tactical roadmaps, and give security operational support. The Senior Cyber Security Engineer will use their knowledge of threats and vulnerabilities to plan, build, implement, operate, and upgrade cyber defence systems against a range of cyber security concerns across the Globeleq IT, OT and Cloud environments.

The role is technical in nature and will be based either in Cape Town or Johannesburg, South Africa, with frequent travel to Globeleq regional offices and power plants throughout Africa.

Key Responsibilities

Cloud Security
  • Design, manage, configure and maintain security of the groupwide Azure Security tenant and M365.
  • Follow the change control process and work with IT and OT teams to test any changes prior to implementation and drive adoption with end-users.
  • Work with IT/OT Managers and third parties to execute against the cybersecurity roadmap and to implement technical security solutions.
Network Security
  • Centrally manage and maintain firewalls across the group including policies, configuration, updates, replacements and restore.
  • Lead the development and maintenance of global firewalling best practice standards and be responsible for global licensing strategies.
  • Develop global VPN and network access methods and policies and ensure a zero-trust methodology is upheld.
  • Ensure full redundancy and uptime of firewalls is upheld, and SLAs are met.
Platform Cyber Security
  • Define and drive the secure engineering and configuration of IT and OT platforms, i.e. laptops, servers, email systems, security devices and other systems, to reduce the likelihood of exploitation of misconfigured devices.
  • Work with IT and OT teams to remediate software vulnerabilities to reduce the likelihood of exploitation.
  • Where a configuration or patch cannot be applied, implement compensating controls and workarounds to mitigate the overall risk.
  • Drive the execution of patching activities for IT and OT network equipment with IT teams where required.
Cyber Security Assessments & Investigations
  • Conduct risk assessments to identify and remediate vulnerabilities and threats specific to the IT and OT energy sector.
  • Propose and implement risk mitigation strategies, considering regulatory compliance and industry best practices.
  • Perform cybersecurity assessments for new business developments, upgrades and changes to IT and OT environments.
  • Plan and co-ordinate penetration testing and other assessments across Cloud, IT and OT environments.
  • Produce risk-based reports and recommendations to management for decision making.
  • Maintain the cybersecurity risk register to track changes in the cybersecurity risk of the organisation.
  • Lead cybersecurity investigations together with IT/OT teams and third-parties to identify and resolve root causes for cyber events and breaches.
Security Awareness, Reports, Audits & Compliance
  • Collaborate with energy engineers, system operators, and IT teams to enhance security awareness.
  • Perform regular phishing simulations and drive remedial training with end-users.
  • Provide training sessions on security protocols and emergency response procedures.
  • Stay informed about energy industry regulations (NERC CIP, ISO 27001, etc.).
  • Ensure compliance with security standards and participate in audits.
  • Conduct regular security audits and assessments to ensure compliance with regulatory requirements, industry standards, and internal security policies.
  • Generate and produce technical and management reports targeted at the relevant audience for analysis and decision making.
Incident Response and Threat Management
  • Lead incident response efforts and work with outsourced managed security service providers during security breaches or cyber incidents.
  • Investigate and analyse security incidents, ensuring timely resolution and lessons learned.
  • Perform red team exercises, breach and attack simulations and implement controls to mitigate risk and control gaps.
  • Stay abreast of the latest cyber threats and trends and leverage threat intelligence to enhance our security posture and response capabilities.
OT/ICS Cybersecurity
  • Build security into Operational Plant / Industrial control plants and networks.
  • Collaborate with cross-functional teams, including IT, operations, and legal and compliance, to integrate security into the design, construction, development, projects and operation of our energy and IT infrastructure.
  • Complete other tasks as delegated by the Line Manager.

Skills and Competencies

  • Very good verbal communication, able to explain complex technical information succinctly and clearly to non-technical staff
  • Very good written communication, including the ability to write clear, concise emails and reports.
  • High proficiency for self-driven learning, in a fast-changing field
  • Able to work independently with little to no supervision.
  • Able to work in a multicultural context
  • Able to influence others without line authority
  • Excellent analytical and problem-solving ability, with a solutions-focussed approach
  • Good project management skills and able to coordinate others in order to achieve objectives
  • Able to work well under occasional high-stress/high-risk situations
  • Able to handle multiple tasks, prioritise work and work effectively under limited supervision.

Experience & Qualifications

The following experience and qualifications would be considered as a minimum requirement.
  • 5+ years’ experience in enterprise and operational technology networking.
  • 5+ years’ experience in cyber security engineering or architecture roles.
  • 3+ years’ experience in securing operational technology.
  • High competency in managing Palo Alto, FortiGate, Juniper and Aruba network equipment.
  • Experience in vulnerability management, incident response and cloud security, using Azure and M365 Defender.
  • High proficiency in Microsoft Azure security, M365 Defender, Sentinel SIEM and Intune (Endpoint Manager).
  • Relevant Cyber Security certification.
  • Code B driver’s license.
The following experience and qualifications would be considered an advantage to an applicant.
  • Cybersecurity Framework (NCSF).
  • Certified Information Systems Security Professional (CISSP) or NIST.
  • Certified as competent in CompTIA Cyber Security Analyst (CySA) or EC-Council Certified Network Defender (EC-CND).
  • Linux and Windows Server experience advantageous.
  • Experience with ERP/CMMS systems, such as SAP or IFS.
  • Juniper JNCIS (SEC/ENT) preferable, Cisco CCNP (ENT/SEC) or equivalent qualification.
  • Palo Alto PCNSA.
  • CompTIA S+ or JNCIA.

Apply safely

To stay safe in your job search, find information on common scams and get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.
