Cyber Security Specialist – Incident Response

  • Stone
  • Full Time | Permanent
  • Job reference: S&S-2021-03

With a focus on operational technology and digital transformation, Capula, part of the EDF Group, has been a leader in advanced system integration for decades; optimising efficiency & delivering performance on a massive scale. But with continuous innovation at the heart of our business, we’ve always got our sights set on the future. We work in some of the most highly regulated and challenging industrial environments, and have delivered critical projects across energy, water, renewables and manufacturing.

Summary of the Role:

We currently have a requirement for a Cyber Security Engineer with particular experience of enterprise Business Continuity Planning within the market sectors listed above.

The successful candidate will report to the Cyber Security Solutions Manager and support Capula in professional service delivery, undertaking activities to meet the business needs including:

  • Creation of Business Impact Analysis within OT environment that align continuity model to the business objectives in the face of the ever changing risk landscape
  • Review industry specific threats and risks
  • Review and creation of Incident Response, Disaster Recover and broader Business Continuity plans, playbooks, and supporting documentation and materials
  • Create and lead a test regime with realistic scenarios which can include oral walkthrough, table top exercise or simulated production environment; based upon experience, case studies provided by NCSC and CISA, or contemporary threat intelligence
  • Ability to identify and address supply chain/third party cybersecurity risks and dependencies
  • Solve complex operational security problems facing Industry and Critical National Infrastructure
  • Assess the security architectures, technologies, and procedures in use at customer locations using remote tooling and by undertaking onsite work
  • Able to manage mitigation activities having created remediation action plans, ensuring activities remain aligned with strategic priorities and consistent with current threat and risk assessments
  • Conduct vulnerability assessments and administrative audits on client computer systems and network devices in order to comply with NIST 800-53/800-82, ISO 27000 series, IEC 62433, HSE OG-86, and NIS-D frameworks
  • Work across all Capula business units to assist with delivery of projects

Requirements (Essential):

  • Educated to degree level (or equivalent experience)
  • 3 years of relevant Incident Response experience within OT
  • Will hold (or working towards) one or more of the following qualifications: CSTM/CSTL, QSTM/SST, ECSA, OSCP
  • Solid understanding of the Cyber Security market and industry with exposure to include Energy, Chemical, Utilities, Oil & Gas industries
  • Evidence of undertaking Business Continuity Planning engagements assessing compliance against standards, regulations, and frameworks such as NIST SP 800-34 & 61, ISO 22301, CPNI SICS, etc.
  • Evidence of reviewing Incident Response plans, escalation and activation including the functional assessment of resources (people and assets) and ability to respond to likely threats/events, review of operational teams/SOC, and review of previous security events and lessons learned -> root cause analysis
  • Experience completing system assessments and security audits based on technical security frameworks such as NIST 800-53/800-82, ISO 27000 series, IEC 62433, HSE OG-86, NIS-D, etc.
  • Has knowledge of system architectures including Windows/*nix server and client platforms, Virtualisation, Networking, Wireless technologies, and security products (firewalls, IDS/IPS, sheepdip, vulnerability scanners etc)
  • Experience securing cross-domain IT/OT communications and interfaces
  • Ability to build and maintain strong relationships with internal and external customers and key business stakeholders
  • A drive for outstanding customer service and high-performance culture
  • Able to clearly and confidently communicate ideas, present, and explain technical knowledge to management and other internal/external stakeholders
  • Ability to apply practical and pragmatic understanding of service delivery, exceeding the customer’s expectations
  • The ability to research novel ideas/products to identify suitability for a solution
  • A team player who has drive and tenacity with a willingness to learn
  • Always follows best health & safety practices within Capula and customer sites
  • Can successfully complete all assigned tasks to plan and in line with company procedures and standards
  • Full UK driving licence and must be prepared to travel to client sites when required
  • Able to achieve and maintain SC clearance

Requirements (Desirable):

  • Qualifications: GICSP and other OT security certifications


  • 25+ days annual leave (plus bank holidays)
  • Flexible working
  • Pension scheme
  • Life Assurance(4x annual salary)
  • Private healthcare
  • Lifestyle screening
  • Salary sacrifice schemes
  • Employee assistance mental wellbeing programme
  • Employee discount at 100’s of UK retailers
NOTE TO EMPLOYMENT AGENCIES: We are currently working with only our preferred suppliers.

To express an interest in this position, simply apply below or you can e-mail with a cover letter and CV, quoting the job reference number.

Cyber Security Specialist – Incident Response

  • Stone
  • Full Time | Permanent
  • Job reference: S&S-2021-03
  • Something wrong! Please double check your input.

*: Required fields


Capula is looking for extraordinary people to join our industry leading team as we continue to define the future of Engineering.

Available Roles

See all vacancies

Not found the right job for you?

Capula is always on the lookout for extraordinary people to join our industry leading team.

If you think you are the right fit but haven't seen a vacancy that suits you why not drop our team a line and we can have a chat.

Contact us