Cromarty is seeking a Senior Cyber Security Engineer to deliver consulting engagements across solar, wind, utilities and manufacturing environments. This role focuses on regulatory compliance, OT cyber security, and practical engineering controls for energy assets operating under the SOCI and AEMO frameworks.
You will lead reviews, gap assessments, and improvement programs that span compliance management, OT security, and cloud data retention, working directly with asset owners, operators, and senior stakeholders.
This is a hands‐on role — not a policy‐only or SOC position.
What You'll Do
* Review Critical Infrastructure Risk Management Plans (CIRMPs), and supporting systems against:
* SOCI obligations
* AEMO Registered Participant requirements
* AEMO Cyber Security Framework
* IEC62443 OT Cyber Security Framework
* Assess OT and plant environments, including:
* SCADA, historians, PQM systems, and plant networks
* Operating system baselining and hardening (Windows/Linux)
* Patch, vulnerability, and configuration management in OT contexts
* Review and design:
* Firewall architectures and rule sets (IT/OT boundary, zones & conduits)
* Network segmentation aligned to Purdue / IEC 62443
* Secure remote and vendor access
* Assess logging, monitoring, and incident readiness for cyber and compliance events
* Perform structured gap analyses and develop practical, prioritised recommendations
* Produce clear written reports and deliver client workshops (executive and operational)
What We're Looking For
* 7+ years' experience in cyber security, OT security, or engineering
* Proven experience in energy, utilities, or critical infrastructure
* Strong hands‐on skills with:
* OS hardening and security baselines
* Firewall configuration and network security
* OT risk assessments and remediation planning
* Ability to engage credibly with engineers, operators, and executives
* Consulting or advisory experience strongly preferred
Mandatory Certifications
Applicants must hold at least one of the following:
* GICSP
* GRID
* ISA/IEC 62443 Cybersecurity Specialist or Expert
* CISSP (with demonstrable OT/energy experience)
Why Cromarty
* Work on real energy assets, not theoretical cyber problems
* High‐impact work with regulatory and operational significance
* Trusted senior role with autonomy and influence
#J-18808-Ljbffr