Purpose of Role
The OT Security Engineer is responsible for a broad range of cyber security operational tasks, including day-to-day administration of cyber security tools and services within the OT environment. The role will be responsible for security tool compliance and vulnerability management remediation within the OT environment as well as first- and second level support for any alerts arising from the security information and event management service (SIEM).

Areas of Accountability, Responsibility and Competence Level

• Conducting detailed analysis and triage using Harbour Energy’s cyber security services and tools.
• Conducting log-based and endpoint-based threat hunting to identify threats and providing advice on the expected remediation steps to the business and the OT Operations Team.
• Correlating activity across assets (endpoint, network, apps) and environments to identify patterns of anomalous activity and apply appropriate safeguards.
• Working with the OT Governance and Compliance Supervisor to ensure appropriate security controls and systems are in place for both OT and vendor led services.
• Reviewing alerts and data from sensors, and where applicable, documents formal, technical incident reports.
• Providing relevant parties with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Working with OT Operations Team to refine the cyber security services and tools, ensuring that all services remain up to date.
• Researching emerging threats and vulnerabilities to aid in the identification of incidents within the OT environment.
• Providing Harbour Energy with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
• Ensuring that all IS services have the appropriate cyber security core services applied before they move to production.
• May be required to provide out of hours support via an on-call rota.

Critical Skills, Qualifications Experience

• Excellent analytical, collaborative (team working) with planning and execution skills.
• Self-motivated and pro-active with a willingness to go the extra mile to achieve important goals.
• Excellent verbal and written communication skills.
• Ability to work closely with the wider IS team to share threats and information to ensure infrastructure, application and data services are secure.
• Experience of IS or OT security support in the oil and gas sector (preferred) or equivalent.
• Previous experience of working with a diverse and multi-national vendor support model.
• Knowledge of common vulnerabilities and exploitation techniques.
• Knowledge of information security best practices.
• Demonstrated knowledge of Safety Critical System architecture principles, industry best practice and operating secure systems and processes.
• Strong problem-solving and trouble-shooting skills.
• Experience of working in offshore and live plant environments is desirable.