| Rolle | Systemutvecklare |
| Kompetanseområde | Tekniskt arbete |
| Startdato | 2025-05-09 |
| Sluttdato | 2026-03-30 |
| Omfang | 100% |
| Sted | Ludvika |
| Land | Sweden |
| Siste svarsdato | 2025-05-09 (Tilbud vil bli behandlet fortløpende) |
| Kontaktperson | Anette Svensson (hitachi@keyman.se | 073-091 19 23) |
| Referansenummer | #13054 |
Overordnet oppdragsbeskrivelse
URGENT NEED – reason for hire: replacement of CW.
Location: Role can be based in Ludvika preferably – or Västerås. Remote work may be possible for right candidate.
OT Cyber Security Engineer – Substation Automation
Key Responsibilities:
1. Security Audits
- Identify vulnerabilities in IEC 61850-based communication, RTUs, IEDs, and SCADA networks.
- Assist to perform penetration testing and red teaming for substation control environments.
- Perform technical audits of SCADA devices and networks, and any other connected networks, to identify security concerns.
- Evaluate security compliance with NERC CIP, IEC 62443, and IEEE standards.
- Support Global Projects by adapting HVDC Cyber security for SCADA & HMI.
2. Security Implementation & Architecture
- Design and implement segmented network architectures for substations (firewalls, DMZs, VLANs).
- Secure IEC 61850 protocols (GOOSE, MMS, SMV) to prevent cyber-attacks.
- Deploy Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM), and Endpoint Protection for OT environments.
- Harden SCADA servers, HMIs, and substation gateways against cyber threats.
- Develop architecture & functional descriptions for Functions / Solutions for future HVDC in cyber security technologies.
- Evaluate and strengthen the security of any connections to the SCADA network.
- Monitor and Validate third party security patches to ensure that reliability of the system is maintained.
- Implement the security features provided by device and system vendors.
3. Incident Response & Threat Management
- Develop and test Incident Response Plans (IRP) for cyber events in substations.
- Monitor threat intelligence and assess the impact of cyber threats on energy transmission systems.
- Assist in forensic investigations of cybersecurity incidents in substations.
- Implement Zero Trust Architecture (ZTA) and role-based access control (RBAC) in substation networks.
4. Compliance & Regulatory Alignment
- Ensure compliance with NERC CIP (Critical Infrastructure Protection) for bulk electric systems.
- Align cybersecurity controls with IEC 62443, ISO 27001, and IEEE 1686.
- Assist in audit preparation and regulatory reporting for utilities and power grid operators.
- Work with utility companies, regulators, and vendors to enhance grid cybersecurity.
- Participate in industry working groups (NERC, IEEE, ISA, EPRI) to influence cybersecurity standards.
- Support projects in resolving the issues related to Cyber security Functions.
Required Skills :
Technical Skills
- Deep understanding of substation automation (IEC 61850, DNP3, Modbus, MMS, GOOSE messaging).
- SCADA, RTU, IED, and EMS security expertise.
- Network security (firewalls, IDS/IPS, VPNs, NAC) in OT environments.
- Vulnerability assessment and penetration testing of OT/ICS systems.
- Experience with SIEM, log management, and anomaly detection tools.
- Self motivator, ease of communication, process oriented, customer focused.
- Languages: English mandatory (Swedish is a plus but not mandatory).
General description:
Hardware/Software Configuration includes the analysis, recommendation, introduction and support of various hardware/software configurations, analyses of projected business requirements and related costs versus benefits. Develop, maintain, control, audit, analyse and manage a variety of information systems. Formulate and define system scope and objectives, devise strategies, develop or modify procedures, and resolve complex problems and related issues.
Independently perform various engineering duties requiring the exercise of judgment and application of standard engineering principles and practices, towards set goals. Plan, conduct or coordinate a range of complex engineering activities encompassing one or more engineering disciplines. Conduct or coordinate complex analyses, advanced technical studies and develop recommendations based on sound engineering practices and business considerations as well as potentially legal and other agency requirements.
Minimum requirements of education and experience:
• Minimum around eight (8) years of work experience within the relevant field and a bachelor or master’s degree, or
• Another technical degree with more than 15 years of work experience within relevant field.
• Working command of the English language.
Additional Hiring Information for Supplier
- Role can be based in Ludvika preferably – or Västerås.
- Office presence preferred 5 days/ week (however, remote work may be allowed to a certain portion later on).
- Travel may be required, mainly to 3 overseas locations (France, Norway and UK).
- Experience level for this role is around 8y minimum.
- Interviews: Teams call with HM + other team member – 60 mins
** IMPORTANT NOTE!
Here are some of the most important Key Experience/Responsabilities for the role that the HM would like see in the CV’s:
– Evaluate security compliance with NERC CIP, IEC 62443, and IEEE standards.
– Deploy Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM), and Endpoint Protection for OT environments.
- Monitor and Validate third party security patches to ensure that reliability of the system is maintained.
- Implement the security features provided by device and system vendors
- role-based access control (RBAC) in substation networks.
- Vulnerability assessment and penetration testing of OT/ICS systems.
- Experience with SIEM, log management, and anomaly detection tools.
- (NERC, IEEE, ISA, EPRI)
EXPLANATION ON LEVELS:
Levels with numbers (1-5): Increasing experience from 1=Very Junior up to 5=Very Experienced
Levels with letters (A-F): Increasing experience from F=Very Junior up to A=Very Experienced
Skallkrav
IMPORTANT Carefully read the full description of the role, requirements and specific qualifications wanted, areas of responsibility, background requested and additional employment information for the supplier to ensure that your set of competencies matches the role.
Deep understanding of substation automation (IEC 61850, DNP3, Modbus, MMS, GOOSE messaging).
SCADA, RTU, IED, and EMS security expertise.
Network security (firewalls, IDS/IPS, VPNs, NAC) in OT environments.
Vulnerability assessment and penetration testing of OT/ICS systems.
Experience with SIEM, log management, and anomaly detection tools.
Office presence required 5 days/ week.
Fluency in both written and spoken English is mandatory.
IMPORTANT Confirm that your offered price is a gross price according to the information below. From this price the fee (4.23%) will be deducted.
Börkrav
Swedish is a plus but not mandatory.
Övriga krav
Offer for this assignment must be sent via KeySourcingTool. Replies via email will receive limited feedback.
Please describe briefly in “Comments” for the various requirements how the consultant meets these.
The supplier hereby confirms that they are aware of feedback on Offers will primarily come via KeySourcingTool on the submitted offer (notification via e-mail from KST).
Personliga egenskaper
Self motivator
Ease of communication
Process oriented
Customer focused
Annen informasjon
PLEASE NOTE: From the offered hourly rate, the contractual fee of 4.23% (MSP 2,13% + KeyMan 2,1%) will be deducted.
If we end up in a contract the consultant must undergo a drug test before the assignment can start. The consultant then also must have a certificate for SSG-Entré and sign a NDA.
The assignment is preferred Onsite – (however, remote work may be allowed to a certain portion later on).
For further details and conditions, see the attached documents.
- For å kunne gi tilbud på våre oppdrag må du være registrert bruker i KeySourcingTool og din bedrift må også være forretningspartner med KeyMan (kostnadsfritt).
