Cybersecurity Senior Engineer

ContourGlobal develops, acquires, and operates power generation facilities with proven and cutting-edge energy technologies. We are an international high-growth company, founded in 2005, that has grown exponentially to own and operate a fleet of renewable and thermal assets, located in 20 countries across 4 continents. Wherever we operate, we are committed to the highest standards of health and safety, environmental, social responsibility, our people’s well-being. Our longstanding ESG pledge includes becoming net-zero carbon by 2050.

Acquisition of ContourGlobal by the US private-equity fund KKR will enable us greatly to further expand our portfolio, increase investment in the energy transition, and take advantage of new opportunities in our core markets. Our multinational, integrated team of almost 1500 people prides itself on our culture and values, and welcomes entrepreneurial, innovative, ambitious, and collaborative professionals to come join us.

JOB SUMMARY:

We are currently seeking Cybersecurity Senior Engineer to complete the Cybersecurity and Operations team. The Cybersecurity Architecture Senior Engineer reports to Deputy Chief Information Security Officer and has the responsibility to deploy cybersecurity infrastructure and support deployment of CG technology in accordance with ContourGlobal’s (CG) cybersecurity architecture templates and standards. This position also is a key member of CG’s Cybersecurity Incident Response Team.

KEY RESPONSIBILITIES:

• Design and configure ContourGlobal’s (CG) cybersecurity infrastructure in accordance with cybersecurity architecture standards.
• Design and support deployment of cybersecurity controls for ContourGlobal’s IT and OT technology platforms and networks.
• Plan, implement, test, maintain, and upgrade cybersecurity infrastructure and technology platform cybersecurity controls.
• Troubleshoots cybersecurity infrastructure and control problems.
• Develop defined actionable cybersecurity controls implementation guidelines and required levels of protection that align with ContourGlobal’s enterprise level cybersecurity risk and control framework.
• Support cybersecurity incident response.
• Support IT and OT change management process.
• Testing and identifying network and system vulnerabilities.
• Develop defined actionable cybersecurity controls implementation guidelines and required levels of protection that align with ContourGlobal’s enterprise level cybersecurity risk and control framework.
• Conduct periodic assurance reviews across all cybersecurity infrastructure and IT and OT platform controls to ensure that designs are built and implemented to the agreed cybersecurity architecture.
• Collaborate with the Cybersecurity GRC function to process and evaluate cybersecurity architecture and design exception requests.

OTHER ACTIVITIES:

• Collaborate with the cybersecurity leadership team to ensure appropriate enterprise level cybersecurity systems and tools align with cybersecurity strategy and are reflected in the cybersecurity program roadmap.
• Maintain a formal enterprise-wide required and preferred IT and OT security tools and architecture library.
• Advise corporate IT/OT functions, plant operational management and business stakeholders on cybersecurity vendor and tools selection, with emphasis on ensuring that tools address business entity requirements and maximize reusability.
• Develop action (project) plans for cybersecurity systems and controls within enterprise systems, aligned to ContourGlobal’s cybersecurity strategy and enterprise cybersecurity roadmap.

COMMIT TO LEAD WITH OUR VALUES:

• Commit to CG values as expressed in the Essential Information. Model the values in any interaction internally and externally
• Put Health and Safety First
• Embrace Timely Transparency
• Model the 3Cs – Communication, Collaboration and Coordination
• Embrace Failure analysis and continuous improvement including Five Whys
• Seek out ways to incorporate technology and Artificial Intelligence into the company’s legal practice

QUALIFICATION AND SKILLS:

• Minimum of 5 years in Cybersecurity operations ideally within Energy sector
• A degree in computer science, IT, systems engineering, or related qualification
• Highly collaborative with ability to articulate ideas and influence peers and senior leaders
• In-depth knowledge of cybersecurity design and implementation practices, ideally within the Electric Utilities or similar industry sectors with critical infrastructure OT environments
• Expertise with a wide variety of cybersecurity vendors and tools, and experience designing and managing vendor evaluation processes
• Knowledgeable about cyber attackers’ tactics, techniques and procedures (TTP)
• Strong analytical and critical thinking skills
• Proficiency in analyzing and solving problems
• Ability to interact effectively with stakeholders, including senior management, and representatives from other functions of the organization
• Team player, motivated to help others and comfortable giving and receiving feedback
• Flexible, resilient under pressure, and decisive, with a proven track record of delivering results to a high standard within tight deadlines
• Willingness to travel to company facilities as required (20%)
• Certified Information System Security Professional (CISSP) certification
• Experience with OT / ICS / SCADA environments
• SANS courses: Purple Team curriculum is desirable
• Global Industrial Cybersecurity Professional (GICSP) certification is desirable
• Certified SCADA Security Architect (CSSA) certification is desirable

This position reports hierarchically to Deputy Chief Information Security Officer  

ContourGlobal provides equal employment opportunities and maintains a diverse workforce that reflects the rich environment of the society we live in and markets we operate.