Tasks
TUV SUD Limited, a leading global technical service provider, is seeking a highly skilled and knowledgeable Cyber Security Expert to join our team in the United Kingdom. As a Cyber Security Expert, you will play a critical role in ensuring the security and integrity of our clients' digital systems, focusing on compliance with the EN 62443 series and ISO 27001 standard. Understanding of OG86 would also be desirable.
Main Duties & Responsibilities
Have a voice in the development of cyber security strategies aligned with industry best practices, focusing on, but not necessarily limited to, the EN 62443 series and ISO 27001 standards.
Conduct thorough assessments of clients' existing cyber security measures and identify vulnerabilities and risks. Evaluate compliance with EN 62443 and ISO 27001 requirements and provide recommendations for improvement.
Perform regular audits to assess the effectiveness of cyber security controls and procedures. Identify areas of weakness and propose appropriate remediation measures to enhance security posture.
Design and implement robust incident response plans to address potential cyber security incidents. Coordinate with internal teams and clients to promptly detect, respond to, and mitigate cyber threats.
Provide training and awareness sessions to clients and internal stakeholders to promote cyber security best practices and ensure compliance with EN 62443 and ISO 27001 standards.
Assist in the technical development of validation and certification services for software (industrial and consumer).
Collaborate with cross-functional teams to review presented secure architectures and infrastructure solutions. Evaluate the suitability of new technologies and recommend security controls for their integration.
Conduct penetration testing and vulnerability assessments to identify weaknesses in systems and applications. Provide guidance on remediation measures and support the implementation of security patches and upgrades.
Assist in maintaining accurate documentation of cyber security processes, procedures, and controls. Generate comprehensive reports on assessment findings, audits, and security incidents for management and clients.
Qualifications
Essential Criteria:
A degree in Computer Science, Information Technology, or a related field.
Professional experience in cyber security, with a focus on EN 62443 and ISO 27001.
Proven track record of successfully implementing cyber security strategies and driving compliance initiatives.
In-depth knowledge of the EN 62443 series and ISO 27001 standards.
Familiarity with common cyber security frameworks such as NIST Cybersecurity Framework and CIS Controls.
Strong understanding of network protocols, operating systems, and security technologies.
Experience with security testing tools, penetration testing, and vulnerability assessment methodologies.
Proficiency in conducting risk assessments and security audits.
Ability to analyse complex security challenges, identify root causes, and develop practical solutions.
Practical understanding and demonstrated experience in software development.
Excellent written and verbal communication skills to convey complex security concepts to technical and non-technical stakeholders. Proven ability to collaborate with cross-functional teams and build strong relationships with clients.
Maintain the highest level of professionalism, ethical conduct, and confidentiality while handling sensitive information and client data.
Desirable Criteria:
Relevant certifications such as CISSP, CISM, or GIAC are highly desirable.