Security Engineer (Operational Technology)

Duration: 12 Months

Location: South Wales & remote (Hybrid / Field-Based)

Rate: £800 per day (negotiable)

IR35 Status: Outside

Start: ASAP

Overview

An experienced Security Engineer (Operational Technology) is required to support the deployment and optimisation of security technologies across the clients large-scale Operational Technology (OT) environment.

This is a hands-on role focused on implementing and maturing a suite of security tooling, enhancing detection capabilities, and strengthening overall cyber resilience. You will work closely with internal security teams and stakeholders to ensure successful integration and ongoing improvement of security platforms.

This role will involve regular travel to sites across Wales (up to 3 days per week when required), with remote working available when onsite presence is not needed.

Essential Skills & Experience required:

As the Security Engineer (Operational Technology) you will possess the following skills & experience:

Proven experience supporting an engineering IT/security infrastructure

• Strong hands-on experience with one or more of the following:

• EDR / XDR platforms
• NDR solutions
• SIEM technologies
• Host-based security controls (HIDS/HIPS, firewalls, anti-malware)
• Email and web security technologies
• Microsoft 365 / Azure security tooling

• Experience with security operations tooling and environments (e.g. SOC integration)

• Strong understanding of security frameworks and methodologies, e.g: Cyber Kill Chain, MITRE ATT&CK

• Excellent analytical skills and attention to detail

• Ability to quickly learn and apply new technologies to improve security posture

• Strong communication and stakeholder engagement skills

Desirable:

• Experience working within regulated environments (e.g. NIS-CAF)

• Experience within Operational Technology (OT) or industrial environments

• Familiarity with scripting or programming (e.g. Python, PowerShell, regex)

• Relevant security certifications (e.g. CompTIA Security+, GIAC certifications)

• Degree in Information Security, Cyber Security, or a related field

Key Responsibilities include:

• To lead the deployment, configuration, and optimisation of OT security tooling, including:

•  Endpoint Detection & Response (EDR)
•  Identity Threat Detection & Response (ITDR)
•  Network Detection & Response (NDR)
•  Industrial Control System (ICS) monitoring solutions

• Implement and maintain hardened security baselines across OT environments

• Take a threat-led approach to improving security configurations and reducing organisational risk

• Analyse threat landscape, including attacker tactics, techniques, and procedures (TTPs), and implement appropriate mitigations

• Collaborate with wider security teams, including:

•  Incident Response
•  Security Architecture
•  Security Consultancy

• Support incident investigations and enhance detection and response capabilities

• Lead the roll out of security agents and sensors across distributed OT environments, ensuring minimal disruption to critical services

• Integrate security tooling with centralised SOC platforms (e.g. SIEM solutions such as Microsoft Sentinel)

• Establish and support operating models for new security platforms, including:

• Defining RACI models
• Creating processes for alerting and incident management

• Participate in change and design review processes

• Optimise performance and configuration of deployed security platforms in collaboration with vendors and internal

teams

• Support onboarding of users and teams to new platforms, including producing documentation and knowledge articles

• Monitor capacity and performance of security tooling and supporting infrastructure

• Produce and maintain high-quality reporting and management information from OT security systems

If this role is of interest, please email your CV to: joanne.stanley@certes.co.uk