Senior Cyber Security Engineer

Cromarty is seeking a Senior Cyber Security Engineer to deliver consulting engagements across solar, wind, utilities and manufacturing environments. This role focuses on regulatory compliance, OT cyber security, and practical engineering controls for energy assets operating under the SOCIand AEMO frameworks.

You will lead reviews, gap assessments, and improvement programs that span compliance management,OT security, and cloud data retention, working directly with asset owners, operators, and senior stakeholders.

This is a hands‑on role — not a policy‑only or SOC position.

What You’ll Do Review

Critical Infrastructure Risk Management Plans (CIRMPs) , and supporting systems against:

SOCI obligations

AEMO Registered Participant requirements

AEMO Cyber Security Framework

IEC62443 OT Cyber Security Framework

Assess OT and plant environments, including:

SCADA, historians, PQM systems, and plant networks

Operating system baselining and hardening (Windows/Linux)

Patch, vulnerability, and configuration management in OT contexts

Review and design:

Firewall architectures and rule sets (IT/OT boundary, zones & conduits)

Network segmentation aligned to Purdue / IEC 62443

Secure remote and vendor access

Assess logging, monitoring, and incident readiness for cyber and compliance events

Perform structured

gap analyses

and develop

practical, prioritised recommendations

Produce clear written reports and deliver client workshops (executive and operational)

What We’re Looking For 7+ years’ experience in

cyber security, OT security, or engineering

Proven experience in

energy, utilities, or critical infrastructure

Strong hands‑on skills with:

OS hardening and security baselines

Firewall configuration and network security

OT risk assessments and remediation planning

Ability to engage credibly with engineers, operators, and executives

Consulting or advisory experience strongly preferred

Mandatory Certifications Applicants must hold

at least one

of the following:

GICSP

GRID

ISA/IEC 62443 Cybersecurity Specialist or Expert

CISSP (with demonstrable OT/energy experience)

Why Cromarty

Work on real energy assets, not theoretical cyber problems

High‑impact work with regulatory and operational significance

Trusted senior role with autonomy and influence

Competitive remuneration

#J-18808-Ljbffr