• Categories

  • Construction Equipment & Supplies
  • Construction Jobs
  • Construction News
  • Construction Product News
  • Green Building
  • Green Living
  • Home Improvement
  • Lawn and Garden
  • Press Releases

• Tags

  bridge cemex civil engineering construction products association doors electricity hard hats Home Improvement Lawn Care leaks logistics pipes risk robots sensors southwest supply chain wales willmott dixon

Position: Cyber Security Engineer

Location: Dartford

Laing O'Rourke has set targets to transform its business. Our deliver 2025 mission is to become the recognised leader for innovation and excellence in the construction industry, to achieve this will require exceptional information, technology and data capabilities to enable all parts of the Laing O'Rourke business.

Position Purpose:

Working in a global Cyber Security Team, the Cyber Security Engineer works closely with the Cyber Security Architect to produce detailed designs and implement all cyber security tools globally.

The Cyber Security Engineer works with stakeholders from across the business, projects and IT to research, design and deploy cyber security controls to meet business, compliance or security requirements whilst addressing new and emerging threats in line with the business risk tolerance and business risk management strategies.

The position requires a seasoned engineer with a detailed working knowledge of information security technologies, Infrastructure, policies, and processes in their application to a global business.

Key Accountabilities:

• Research, design and implements cyber security solutions that comply with applicable security policies and standards to reduce business risk.
• Work with Laing O'Rourke's business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments.
• Collaborate with the Cyber Security Architect on security roadmaps based on sound architecture practices that ensure Laing O'Rourke can maintain and achieve relevant industry security certifications. Act in an advisory role in application development or business/organisational projects to assess security requirements and controls as per policies and risk exposure.
• Keeping abreast of potential and emerging cyber security threats, vulnerabilities, and control techniques and the trade-offs required to manage the different levels of risk appetite and risk exposure across the business.
• Develop and maintain security architecture artifacts (designs, templates, standards, baselines) that can be used to leverage security capabilities in projects and operational teams. Collaborate on IT projects to ensure that security issues are addressed throughout the project life cycle (Secure-by-Design).
• Researches and assesses new threats and security alerts and recommends remedial actions. Play an active part in responding to and resolving critical security incidents (Prepare, Identify, Contain, Remediate, Recover) - Cyber Operations team handle day-to-day
• Work with key suppliers, partners and vendors to drive maximum value and security benefit from security services and solutions. Review security technologies, tools and trends to make recommendations to the security team / leadership for use based on security, financial and operational metrics.

Key Relationships:

Internal:

• Reports to Deputy CISO
• Group CISO
• Cyber Security Enterprise Architect
• Head of Infrastructure Engineering & team
• Infrastructure Operations Lead & team
• IT Service Management Team
• Head of IT (Europe and Australia Hub)

External:

• Technology product and service vendors
• Managed Security Service Providers (MSSP)
• Security Operations Centre (SOC)
• Regulatory and Compliance Governance Bodies

Desired Capabilities & Behaviours:

• Experience with common information security regulations, certifications and management frameworks, such as UK Cyber Essentials, European GDPR, Australian Essential 8, National Institute of Standards and Technology (NIST) and ISO 27001
• Excellent technical knowledge of mainstream operating systems and security technologies (firewalls, honeypots, web application firewalls, SIEM, EDR, Vulnerability scanners, content filtering, etc.)
• Knowledge of common vulnerabilities and exploitation techniques and methods available for application and system technology security testing.
• Ability and willingness to work in a global team that collaborates closely with Australia - Early morning (7am) meetings
• Knowledge and understanding of information risk concepts and principles as a means of relating business and project needs to security controls
• Has the ability to interface with, and gain the respect of, stakeholders at all levels and roles in the business
• The ability to understand business strategy and how it relates to the application of cyber security and controls within Laing O'Rourke. An understanding of the business operations and end user impact of cyber security controls.
• Excellent written and verbal communications skills with the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• A driver and implementer who possesses the poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Knowledge of Regulations, Standards, and Compliance around cyber security. Audit, compliance, or governance experience is preferred.

Education & Experience:

• Minimum 5-8 years of experience in a combination of enterprise information security and/or cyber security functions.
• Proficiency with security frameworks, standards and best practices for compliance (NIST, ISO27001, Cyber Essentials, Essential 8)
• Knowledge of best practices of IT security hardware and software, security suites, identity and access management, and encryption
• CISSP, CISM, CISA, CRISC preferred.

We want to ensure our recruitment process is accessible to all. If you need the application form in an alternative format or you would like to know more about our recruitment process, please email

• Search for:

• Recent Posts

  • Project Manager
  • Senior Quantity Surveyor
  • Associate Director – Geo-Environmental
  • Associate Director – Geo-Environmental
  • Freelance Recruiter (Remote / Global)
  • Freelance Recruiter (Remote / Global)
  • Freelance Recruiter (Remote / Global)
  • Freelance Recruiter (Remote / Global)
  • Freelance Recruiter (Remote / Global)
  • Freelance Recruiter (Remote / Global)

• Favorite Links

  • Green Building Products