SE_Technical IT: System Configuration (OT Cyber Security Engineer) – Senior Engineer (Level 3) till Hitachi Energy Sweden AB (12435) – JOB POSTING UPDATED

Övergripande uppdragsbeskrivning

• Identify vulnerabilities in IEC 61850-based communication, RTUs, IEDs, and SCADA networks.
• Assist to perform penetration testing and red teaming for substation control environments.
• Perform technical audits of SCADA devices and networks, and any other connected networks, to identify security concerns.
• Evaluate security compliance with NERC CIP, IEC 62443, and IEEE standards.
• Support Global Projects by adapting HVDC Cyber security for SCADA & HMI.

• Design and implement segmented network architectures for substations (firewalls, DMZs, VLANs).
• Secure IEC 61850 protocols (GOOSE, MMS, SMV) to prevent cyber-attacks.
• Deploy Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM), and Endpoint Protection for OT environments.
• Harden SCADA servers, HMIs, and substation gateways against cyber threats.
• Develop architecture & functional descriptions for Functions / Solutions for future HVDC in cyber security technologies.
• Evaluate and strengthen the security of any connections to the SCADA network.
• Monitor and Validate third party security patches to ensure that reliability of the system is maintained.
• Implement the security features provided by device and system vendors.

• Develop and test Incident Response Plans (IRP) for cyber events in substations.
• Monitor threat intelligence and assess the impact of cyber threats on energy transmission systems.
• Assist in forensic investigations of cybersecurity incidents in substations.
• Implement Zero Trust Architecture (ZTA) and role-based access control (RBAC) in substation networks.

• Ensure compliance with NERC CIP (Critical Infrastructure Protection) for bulk electric systems.
• Align cybersecurity controls with IEC 62443, ISO 27001, and IEEE 1686.
• Assist in audit preparation and regulatory reporting for utilities and power grid operators.

• Work with utility companies, regulators, and vendors to enhance grid cybersecurity.
• Participate in industry working groups (NERC, IEEE, ISA, EPRI) to influence cybersecurity standards.
• Support projects in resolving the issues related to Cyber security Functions.

• Deep understanding of substation automation (IEC 61850, DNP3, Modbus, MMS, GOOSE messaging).
• SCADA, RTU, IED, and EMS security expertise.
• Network security (firewalls, IDS/IPS, VPNs, NAC) in OT environments.
• Vulnerability assessment and penetration testing of OT/ICS systems.
• Experience with SIEM, log management, and anomaly detection tools.

• Self motivator, ease of communication, process oriented, customer focused.
• Languages: English mandatory (Swedish is a plus but not mandatory).

• Role can be based in Ludvika preferably – or Västerås.
• Office presence required 5 days/ week (remote work may be allowed to a certain portion later on).
• Travel may be required, mainly to 3 overseas locations (France, Norway and UK).
• Experience level for this role is around 8y minimum.
• Interviews: Teams call with HM + other team member – 60 mins

Skallkrav

IMPORTANT Carefully read the full description of the role, requirements and specific qualifications wanted, areas of responsibility, background requested and additional employment information for the supplier to ensure that your set of competencies matches the role.
Deep understanding of substation automation (IEC 61850, DNP3, Modbus, MMS, GOOSE messaging).
SCADA, RTU, IED, and EMS security expertise.
Network security (firewalls, IDS/IPS, VPNs, NAC) in OT environments.
Vulnerability assessment and penetration testing of OT/ICS systems.
Experience with SIEM, log management, and anomaly detection tools.
Office presence required 5 days/ week.
Fluency in both written and spoken English is mandatory.
IMPORTANT Confirm that your offered price is a gross price according to the information below. From this price the fee (4.23%) will be deducted.
Attach only ENGLISH CV in Word format under the Documents tab. PLEASE REMOVE company logos and photos. The CV is an important part of the evaluation of the consultant. It must clearly show that the consultant has the competence and experience required for the current assignment.
Provide consultant’s Date of Birth in the following format: YYYY – MM – DD by writing it in the Comment field after selecting Yes.
Provide consultant’s Nationality by writing the Nationality/Country holding Passport, in the Comment field after selecting Yes.
Provide consultant’s Gender by writing one of the following alternatives; Female / Male / Prefer not to answer; in the Comment field after selecting Yes.
The consultant is located in Sweden.

Börkrav

Swedish is a plus but not mandatory.

Övriga krav

Offer for this assignment must be sent via KeySourcingTool. Replies via email will receive limited feedback.
Please describe briefly in ”Comments” for the various requirements how the consultant meets these.
The supplier hereby confirms that they are aware of feedback on Offers will primarily come via KeySourcingTool on the submitted offer (notification via e-mail from KST).
The supplier certifies that the company has a consulting and liability insurance that covers this type of assignment according to standards for this line of business.
In connection with a quote on this assignment, the supplier approves the terms and conditions that apply to the assignment. See text in the request and the attached documents.
The supplier confirms that the consultant is employed by the supplier company. The supplier may not offer second layer Subcontractors. This is a demand from the end customer.

Personliga egenskaper

Self motivator
Ease of communication
Process oriented
Customer focused

Övrig information