Cyber Security Engineer R&D

Location:

Ludvika, Dalarna County, Sweden

Job ID:

R0045412

Date Posted:

2024-03-13

Company Name:

HITACHI ENERGY SWEDEN AB

Profession (Job Category):

Engineering & Science

Job Schedule: 

Full time

Remote:

No

Job Description:

Be part of the Technology & Solutions Development (Business R&D) organization in HVDC, Hitachi Energy, Ludvika, Sweden. The HVDC technology has been on the market for the past 60 years and is an enabler for renewable energy integration, support futures energy transition for a sustainable future.

Elevate your career by securing IT/OT infrastructure, implementing cutting-edge cybersecurity standards, and collaborating on the forefront of HVDC technology. Be the go-to expert, driving excellence in cybersecurity for groundbreaking projects.

Your responsibilities

• As Cyber security R&D Engineer, you will be involved in the process of identification, testing and developing configurations for various IT/OT infrastructure devices, including and not limited to Operating system/ firmware, required for deployment of HVDC Control and Protection systems.
• Implementation of relevant industrial Cybersecurity standards and directives (i.e. NIS, NIS2, NERC CIP, BDEW, IEC 62443 3-2 & IEC 62443 3-3, FISMA), developing functionalities to our products and drive the improvement of our security posture of the organization.
• Be the “to-go” person for projects that need guidance with cyber security activities and adherence.
• Help with Gate reviews and checklists related to cyber security activities.
• Drive the release clearance activities that include CSAC, Code Signing Certifications.
• Participate in security testing of the product to ensure that the vulnerabilities are addressed before release.
• Perform product hardening, to allow only necessary function for products operation.
• Implementing group policies (active directory), installing, maintaining & trouble shooting servers, routers, and firewalls.
• Developing, evaluating, implementing Security Policies (CIS) and Procedures Technical documentation and reports Customer Factory Acceptance Test in customer meetings.
• Implementing and designing the layout for gateway security; Installing and hardening of firewall security.
• Monitor and validate third party security patches to ensure that reliability of the system is maintained.
• Implementing Host-based security technologies (Antivirus, Data Leakage Prevention, Host IPS, Whitelisting).
• Installation and/or management of network-based Intrusion Detection products.
• Understanding and/or Implementing system backup strategies and technologies.
• Creation of automated script using Bat/.Vbs/PowerShell/Perl and python to optimize the regular work and act efficiently in daily activities.

Your background  

• You hold a bachelor’s or master’s degree in a relevant technical discipline.
• Knowledge in defense in depth, default deny, least privilege, compartmentalization, privileged initiation, RBAC, etc.
• Good understanding of basic cyber security controls like; IDS/IPS (host and network), hardening, security policies, Malware Protection, Filtering, NGFW, etc.
• Knowledge in Networking, patch management, industrial protocols like DNP/MODBUS/IEC 61850, PRP etc.
• Hands on Experience with protocols like SSL, SSH, ICMP, DHCP, L2TP, PPTP, DNS, SNMP, RDP, and NTP Windows and Virtual Machine Administration.
• Experience with security tools like NMAP, Nessus, Wireshark, etc.
• Knowledge on security standards like IEC 62443, ISO 27001.
• Experience with network equipment (firewalls, switches, GPS clocks) and redundant network designs/protocols.
• Experience with Microsoft client and server operating systems from legacy to current generations.
• Experience with Active Directory and the different roles, integration with third-party devices and appliances.
• Experience with databases and high availability solutions.
• Experience with port, vulnerability, and malware scanners, able to digest and communicate the output.
• Knowledge of intrusion detection systems, security information event monitoring, application control and other security-relevant systems is a major plus.
• Proficiency in English, both verbal and written is required.