Senior Technical Consultant - OT Cyber Security

Job Description

At WSP, you can access our global scale, contribute to landmark projects and connect with the brightest minds in your field to do the best work of your life. You can embrace your curiosity in a culture that celebrates new ideas and diverse perspectives. You can experience a world of opportunity and the chance to shape a career as unique as you.

As one of the world's leading engineering, professional services and technical consultancy firms, at WSP, we are passionate about the big questions. And big answers, naturally. For us, it is all about reaching beyond the expected to do work that will make a profound impact felt long into the future.

WSP's recent global digital strategy defines key strategic offerings that WSP wants to grow and invest in. 'Operational Technology Cybersecurity' is one of them. This marks a significant acknowledgement of our cyber security success story so far and the commitment to our teams and clients to continue to deliver cyber security services applied and in context.

WSP has a vacant position for a Cyber Security Consultant to join our industry-leading Cyber Security Capability team, which is delivering specialist cyber security services to a wide spectrum of industries.

As a key member of the team, you will be able to access a range of benefits, from targeted professional development, the opportunity to contribute to the direction of our business and to help us improve the way we do things. You will contribute to the capability of our team providing cyber security and strategy advice, technical assurance, solution guidance, specification, design, and testing assurance to our domestic and international clients.

You will provide technical consultancy services in close alignment with client needs and will be leading WSP's cyber security deliverables through the lifecycle of an OT/IT development and Digital Transformation projects. You will also be providing strategic advice across our client spectrum as part of your delivery and growth role.

You will have a background in Cyber Security, OT, Integration or Systems Engineering with a consultancy or supplier. You will ideally have led teams and worked with junior cyber security professionals and supported them in their career development.

• Advising the client on Cyber Security compliance especially in regard to NIS-D, NIST, ISO 27001, ISA/IEC 62443 and other relevant industry standards and best practices
• Developing a framework for governance as well as developing Cyber Security and Information Security Management systems
• Analysing Cyber Security controls, commenting on an architecture proposal and conducting Threat and Risk assessments
• Cyber Security requirements analysis and tailoring them to the client's needs
• Understanding business and technical requirements and translating them into tangible actions
• Collaborating with clients, government agencies, partners and supply chain to define technical and procedural solutions to complex problems
• Working across projects to support the delivery of best practice Cyber Security
• Present to clients our Cyber Security services and define the best possible way to support them with challenges in Digital Resilience

Expertise in several of the following areas:

• Specifics of OT, IT and IoT/IIoT cyber security
• Industry specific experience of applied cyber security, ideally gained within the following sectors;
  Energy e.g. Nuclear, Oil/Gas, Electricity, Rail/Road, Healthcare, Smart Infrastructure/Buildings, Aviation, or Maritime.
• Team leadership skills and early career professionals development
• Government Frameworks
• Writing proposals in collaboration with the sales team
• At least one of Telecoms, SCADA, mission critical, safety critical or big data architectures
• Threat modelling, Vulnerability analysis, Risk matrix modelling.
• Secure Dev Ops and secure systems engineering lifecycle
• Security Policy and governance
• Cloud Security including OT in the Cloud
• Incident Management frameworks, Security incident analysis, digital forensics, crisis management, SOC operations and supporting tools
• Strong knowledge and practical experience of cyber security platforms/tooling including IDS/IPS, SIEM, EDR/MDR, and system/device hardening would be advantageous.

Also, during your professional experience you will have gained experience in an OT/IT or electronics engineering/systems company with knowledge and practical experience in leading teams, collaborating with clients and partners within a Cyber Security environment.

We are looking for someone who has sound practical knowledge on the use and application of risk assessment methodologies in systems and software development (including Agile, ITIL and V-model processes) and combining them for optimal solutions.

If your career has given you the opportunity to author and publish technical reports,…