We are seeking a highly skilled and experienced Cyber Security Engineer to manage and enhance our IT,

Operational Technology (OT), and Internet of Things (IoT) security infrastructure.

The ideal candidate will be responsible for protecting our systems against cyber threats, ensuring the

confidentiality, integrity, and availability of all data and services. The role also involves designing IT security

systems based on technical diagrams provided by IT consultants, collaborating with an external security system

integrators for IT, OT, and IoT network design, and coordinating with vendors for the end-to-end

Implementation of the security network.

The successful candidate will also liaise closely with the IT Project Manager, providing regular updates on

project progress, milestones, and activities.

Responsibilities

Strategy and Planning:

• Develop and implement comprehensive cybersecurity (CS) strategies for Information Technology

(IT), Operational Technology (OT), and Internet of Things (IoT) environments.

• Design and deploy security solutions and technologies to protect IT, OT, and IoT systems.
• Conduct risk assessments and vulnerability analyses to identify and mitigate potential security

threats.

• Design and implement a Cybersecurity Incident Response Plan, including detailed response

playbooks.

• Conduct audits to identify security violations, vulnerabilities, or process gaps.
• Implement robust security controls aligned with organisational and regulatory standards.
• Upgrade networks and systems to adhere to industry best practices and evolving cybersecurity

frameworks.

• Research, test, and implement advanced security technologies to strengthen Metal Park’s cyber

resilience.

• Develop and maintain firewalls and other security barriers within the network infrastructure to

prevent unauthorised access.

Security Operations:

• Manage and monitor security tools and technologies, including firewalls, intrusion detection

systems, and anti-virus software.

• Implement and manage access control systems and identity management solutions.
• Perform regular security assessments, penetration testing, and security reviews of IT, OT, and IoT

systems.

IoT Security

• Develop and implement security measures specific to IoT devices and networks.
• Ensure secure deployment and management of IoT devices, including firmware updates and patch

management.

• Assess and mitigate risks associated with IoT devices and their integration with IT and OT systems.

Key IoT Security Principles:

• Defence in Depth: Implement multiple layers of security controls across the IoT ecosystem.
• Zero Trust Architecture: Never trust, always verify – authenticate and authorise all IoT

communications.

• Least Privilege: Grant only the minimum necessary permissions to IoT devices and users.
• Secure Defaults: Configure IoT devices with security-first default settings.
• Implement secure boot processes to prevent firmware tampering.
• Use Hardware Security Modules (HSMs) or trusted execution environments where feasible.
• Regularly update device firmware and apply security patches.
• Implement strong authentication mechanisms for device and user access.
• Use encryption for both data at rest and data in transit.
• Segment IoT networks from corporate networks to reduce attack surfaces.
• Monitor all IoT traffic for anomalies and potential threats.
• Implement Network Access Control (NAC) for all IoT devices.
• Use VPNs or secure tunnelling protocols for remote IoT access.
• Conduct regular security assessments and penetration testing of IoT systems.

Endpoint Security:

• Implement endpoint security solutions to safeguard IT and OT devices, including computers,

servers, industrial control systems.

• Develop and enforce endpoint security policies, ensuring compliance and protecting against

malware and unauthorized access.

Incident Response and Recovery:

• Develop and maintain incident response plans for IT, OT and IoT environments, outlining

procedures for identifying, responding to, and recovering from cybersecurity incidents.

• Lead incident response efforts, coordinating with teams to mitigate the impact of security breaches

and prevent future occurrences.

• Report any incidents to the IT Project Leader.

Vulnerability Management:

• Conduct regular vulnerability assessments and penetration testing on IT,OT and IoT systems,

identifying weaknesses and recommending appropriate security measures.

• Prioritize and remediate vulnerabilities, ensuring systems are up-to-date with security patches and

configurations.

Compliance and Regulations:

• Stay current with cybersecurity regulations, standards, and best practices relevant to both IT, OT &

IoT environments.

• Ensure compliance with industry regulations (such as NIST, IEC 62443) and internal security policies.
• Maintain documentation of security policies, procedures, and incidents.

Security Awareness and Training:

• Provide cybersecurity awareness training to Employees, MP Members, and third-party vendors,

emphasizing the importance of security practices and policies.

• Foster a culture of cybersecurity awareness within the Company.

Collaboration and Communication:

• Collaborate with IT, OT and IoT teams, as well as external vendors, to implement and support security

solutions.

• Communicate cybersecurity risks and recommendations to non-technical stakeholders, facilitating

informed decision-making.

Qualifications

Bachelor’s/Master's Degree in engineering or in a related field.

• Minimum 5+ years of work-relevant experience in cybersecurity.
• Proven experience implementing and maintaining controls aligned with ISO 27001 and managing

an Information Security Management System (ISMS).

• Demonstrated ability to support ISO 27001 audits, certification processes, and continuous

improvement cycles.

• Strong understanding of ISO 27001 clauses, Annex A controls, and risk treatment methodologies.
• Experienced with SIEM integration and optimizing log backup and restore.
• Expert knowledge in NIST & ISA 62443.
• Hands-on experience in deploying security protections (e.g., WAF, IDS/IPS, EDR, endpoint

hardening).

• Skilled in using security tools for vulnerability assessments (API, Web, Mobile).
• Good knowledge of OWASP Top 10 and SANS
• Passionate about Cyber Security trends and technology
• Strong analytical skills, creative and critical thinking is a must
• Preferably, training/certifications in any of these ISA 62443, CISSP, GIAC, ICS-CERT, or SANS.
• The Global Industrial Cyber Security Professional (GICSP) certification is advantageous