OT Security Integration Engineer
About us
At National Grid, we keep people connected and society moving. But it’s so much more than that. National Grid supplies us with the environment to make it happen. As we generate momentum in the energy transition for all, we don’t plan on leaving any of our customers in the dark.
National Grid is hiring for an OT Security Integration Engineer. This position can be based at any of our main UK locations, such as Warwick, Bristol, Derby, Leeds, Newcastle and West Weymouth. Hybrid/flexible working model.
(Visa and relocation package are not available for this role.)
What you'll do
Configuration Review:
- Oversee assessment of supplier-provided configurations and security settings for OT devices (BCUs, Network Devices, RTUs, HMIs, Servers).
- Enable compliance with recognised standards such as NIST SP 800-82, NIST SP 800-53, IEC 62443, CIS Benchmarks, and product security manuals.
- Review automation logic to detect and prevent logic bombs or malicious code within control systems.
Tool Development & Automation:
- Input into the design and implementation of established and custom automated testing tools, using programming languages such as C++, Python and VB, for validating device configurations against secure profiles.
- Leverage existing and support development of new tools capable of generating comparison reports between baseline security profiles and project-specific configurations.
- Create lightweight penetration testing utilities tailored for OT environments.
Security Tool Identification:
- Work with security to identify and recommend security tools suitable for electrical industry OT systems.
- Define secure usage guidelines and testing strategies for these tools.
- Work with security to validate supplier proposed security tools to ensure they meet CNI requirements.
Baseline Management:
- Maintain and update baseline security settings and tools in response to major vulnerabilities or firmware changes.
- Collaborate with vulnerability management teams to review latest OT asset vulnerabilities and propose mitigations.
Collaboration:
- Collaborate with National Grid Cyber Lab to evaluate custom-built and off-the-shelf tools for Cyber Acceptance test, i.e. CFAT and CSAT.
- Validate supplier test documentation for completeness and compliance with technical requirements.
- Work with National Grid penetration testing teams to define comprehensive security testing requirements for OT systems.
About you
- Technical understanding of the OT assets and systems used within National Grid Electricity Transmission substations, in particular protection and control systems. Increased knowledge in at least one technical area.
- Familiarity with operational practices and processes used to support and manage OT assets
- Significant experience of site work particularly in the area of operational technology cyber security associated with HV Transmission P&C schemes
- Understanding of Electricity industry operations and procedures and a working knowledge of safety rules and the commissioning process
- Understanding of asset management principles, including risk management, decision making, planning, asset lifecycle and asset data/information.
- Familiarity with international standards related to cyber security including IEC62443 and IEC62351
- Deep knowledge of OT cybersecurity standards (NIST, IEC, CIS) and industrial control systems.
- Programming skills such as C++, Python, VB/VBA for automation and testing tool development.
- Knowledge of logic bomb detection, penetration testing, and configuration compliance.
- Familiarity with CFAT/CSAT processes, supplier engagement, and OT security testing frameworks.
- Excellent leadership, documentation review, and stakeholder management skills.
What you'll get
- Salary: £61,000–£78,000 per annum (dependent on experience).
- Discretionary annual bonus.
- Contributory pension — employer matches employee contributions up to 12% of salary.
- Flexible benefits including share incentive, salary‑sacrifice car and technology schemes, employee assistance and matched charity giving.
Graduates with relevant risk management or cyber credentials are welcome to apply.
More Information
The closing date for this vacancy is 16th March. However, we encourage candidates to submit their applications as early as possible and not to wait until the published closing date. National Grid’s recruitment periods can and may vary. We reserve the right to remove this advert or close it to further applications at any point during the recruitment process.
DE & I statement:
At National Grid, we work towards the highest standards in everything we do, including how we support, value, and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation and welcome and encourage applicants with diverse experiences and backgrounds, offering flexible and tailored support, at home and in the office.
Our goal is to drive, develop, and operate our business in a way that results in a more inclusive culture. All employment is decided on the basis of qualifications, the innovation from diverse teams & perspectives, and business need. We are committed to building a workforce that can represent the communities we serve and have a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.
Please note that in most cases, National Grid is unable to offer sponsorship for employment under the UK points-based immigration system. As such, applicants must have the legal right to work in the UK without requiring sponsorship now or in the future under the UK points-based immigration system. However, in exceptional circumstances where there is a clear and demonstrable need for specialist skills that cannot be sourced from the local labour market, National Grid may consider offering sponsorship. All applications are welcome from candidates who meet these requirements, regardless of race, nationality, or ethnic origin.