Swyddi ar lein
Cyber Security and Resilience Engineer
£37,938 - £39,152 a year | Permanent
- Reference:
- 25-28626
- Job title:
- Cyber Security and Resilience Engineer
- Directorate:
- North and Mid Wales Trunk Road Agent
- Service:
- Tunnels and Technology Unit
- Closing date:
- 07/08/2025 10:00
- Job type/Hours:
- Permanent | 37 Hour
- Salary:
- £37,938 - £39,152 a year
- Pay Scale:
- S4
- Location(s):
- North Wales Traffic Management Centre , Conwy
Details
Job Advertisement
Cyber Security and Resilience Engineer
SALARY: S4 (SCP 26-28) (£36,124 – £37,938)
LOCATION: - Conwy Traffic Management Centre
The post involves the responsibility of monitoring the Security Assurance Programme to cover current and current technology threats across the Traffic Wales Communications and Systems Infrastructure, as well as Coordinate and document effectively on Cyber Security compliance requirements, in accordance with security policies, standards and legislation where applicable, to industry best practice.
Provide input on the security and resilience of the infrastructure and the ability to recover through successful incident response as well as to ensure that the systems infrastructure is supported in accordance with policies and procedures adopted by the Welsh Government and Trunk Road Agencies.
If you have any specific queries relating to the above posts, please contact Clint Loop on 01492 564747.
For these posts, the ability to communicate in Welsh is desirable and English essential.
Closing Date: 10.00 AM, THURSDAY, 7 August 2025
If you are successful to be short listed for an interview you will be contacted by E-MAIL using the address provided on your application form. You need to ensure that you check your E-MAIL regularly.
Person Specification
Personal attributes
Essential
Need to be independent and able to make decisions on his/her own and as part of a team.
Proactive in continuing to learn about the latest in a complex and rapidly changing industry.
Able to gain skills and continually update as the industry progresses.
Owns full UK driving licence
Desirable
-
Qualifications and relevant training
Essential
Relevant Degree or Cybersecurity qualification (e.g. CISSP, CEH, CCSP, CISM)
Desirable
Professional qualification
Cisco qualification CCNA, CCNP or similar
Microsoft Qualification
Relevant experience
Essential
Experienced in engineering and supporting Security systems (eg firewall, antivirus software etc)
Experience using systems to identify and report Security vulnerabilities
Broad understanding of Security standards eg NCSC CAF, Cyber Essentials, NIST etc
Professional officer with broad experience in network support, maintenance and design
Experience in infrastructure analysis and design
Desirable
Experience in policy and procedure development
Experience supporting SCADA and industrial control systems.
Skills and specialist knowledge
Essential
Knowledge of IT infrastructure, hardware, operating systems, wide area/local networks etc
Strong documenting skills, and ability to document reports to a technical and/or non-technical audience
Experience in Cyber Security management, including prevention, monitoring and detection of incidents, attacks, interventions and other unusual, illegal or malicious activities
Aware of developments in the area of expertise
Being able to solve problems logically
Detailed knowledge of wireless equipment and switches with the ability to set up, configure, maintain and support them
Ability to set up, configure, maintain a firewall
Desirable
Information Security and ISO27001
Knowledge of:
TCP/IP
Routing and Switching protocols, OSPF, BGP
Expertise in setting up, configuring and maintaining:
Microsoft Active Directory
Microsoft PowerShell
Microsoft Group Policy
Backup Systems
Data Centres Technologies / Servers / Virtualisation Platforms
Edge Hardware, e.g. Network Wiring, UPS etc
Disaster Recovery / Business Continuity technologies
Language requirements
Listening and Speaking - Intermediate
Able to maintain a fluent conversation on a number of various everyday subjects, and discuss cases involving the field of work.Able to follow a discussion in Welsh, in Clear Welsh, on familiar matters relating to the post. Able to contribute to the conversation and answer questions.
Reading and Understanding - Intermediate
Understand everyday correspondence on familiar issues at work.Understand longer reports in Clear Welsh and be able to pick up the main points. (help may be required with the vocabulary).
Writing - Intermediate
Able to write letters for a specific purpose, e-mails and short reports in Welsh and English, using vocabulary and simple phrases that are familiar to the field of work. (They will need to be checked before being sent out).
Job Description
Purpose of the post
•Monitor the Security Assurance Programme to cover current and current technology threats across the Traffic Wales Communications and Systems Infrastructure.
•Coordinate and document effectively on Cyber Security compliance requirements, in accordance with security policies, standards and legislation where applicable, to industry best practice.
•Support all Traffic Wales Communications and Systems Infrastructure security accreditations.
•Report on, and document Cyber Security and Resilience Risks.
•Develop good relationships with technical and support staff to ensure systems and information needs are identified and met.
•Provide advice and guidance during project planning phases to ensure that Cyber Security and resilience requirements are considered in the whole specification.
•Support, engineer and provide the second and third line skills and expertise for all hardware and software that includes Traffic Wales network security elements.
•Support comminucations and systems infrastructure across 26 access fibre connected sites.
•Provide input on the security and resilience of the infrastructure and the ability to recover through successful incident response.
•Ensure that the systems infrastructure is supported in accordance with policies and procedures adopted by the Welsh Government and Trunk Road Agencies.
Responsibility for functions
Staff:
•Provide guidance and support to other stakeholders, including but not limited to the Tunnels Team, Intelligent Transport Systems Team, Public Communications Team and the Operational Control Rooms.
•Work as a technical lead for security on various systems integration projects.
•Be a technical resource for other project teams.
•Work closely with other stakeholders and monitor the progress of various project activities.
Finance:
•Be aware of budgetary structures and support project/contract constraints.
•Provide services for small, medium and large projects.
Data/Tools/Software:
•Have input into the Cyber Security aspects of safety critical monitoring and control systems. Provide technical support to any technical new projects.
•Input on any hardware or software used in the interests of protecting all Traffic Wales systems and data.
•Have input into the security aspects of systems that have an impact on all internal and external stakeholders and have a direct impact on the public (and make decisions about them).
•Have responsibility for establishing and preserving internal and external firewall policies.
•Responsibility for the web usage filtering service
•Develop and maintain system security objectives, strategy and policy.
•Ensure that such plans, policies and strategies are agreed with relevant stakeholders.
•Ensure that all relevant documents are updated when changes are made.
•Liaise with individuals/external bodies to resolve complex issues.
Main duties
Decision making, organisation and innovation:
•Proactively review compliance to Cyber Security standards.
•Respond to IT security incident(s), researching and analysing, documenting and reporting, including improvement recommendations.
•Monitor for security violations, attacks or unusual activities, including identifying permissions abuses etc.
•Identify new ideas and efficiencies about how Traffic Wales can create efficiency improvements, improve services provided to other stakeholders or create new opportunities within the Traffic Communications and Systems Infrastructure Team and within current projects and across the organisation.
•Input into the decision-making process regarding supplier and product selection.
•Manage one's own highly complex and technical workload to meet targets.
•Be able to perform multiple tasks simultaneously.
•Be able to strike a balance between project work delivery requirements and high pressure and ad-hoc support work to ensure they remain available to the Traffic Communications and Systems Infrastructure Team.
•Lead on policies and procedures, which he/she will be required to document.
•Input into the business planning process.
•Contribute towards ensuring that performance targets and improvement measurements are achieved or exceeded.
Communicate:
•Excellent communication skills to communicate with various stakeholders.
•Write reports for stakeholders on Cyber Security performance.
•Prepare presentations and deliver them to a varied audience of different stakeholders as required.
•Proactively work with different workstream team members and other relevant stakeholders across the organisation and external entities/companies to ensure Cyber Security requirements are properly defined and ensure compliance.
•Clearly document stakeholder requirements by contacting users at meetings and workshops.
•Develop and review conceptual and technical specifications.
•Prepare and deliver training to the users.
•Represent the department externally and at meetings with other stakeholders.
•Provide advice and guidance to users and senior management.
Other:
•Be able to solve problems on multiple levels.
•Make suggestions to resolve complex and technical issues.
•Can be a consultant to the organisation to improve applications and develop new ones.
•Work on multiple tasks simultaneously.
•Responsible for identifying risks in accordance ISO/27001 and ensuring responsibility is taken for them.
•Responsibility for self-development.
•Ensure compliance with Health and Safety rules in the workplace in accordance with the responsibilities noted in the Health and Safety at Work Act 1974 and corresponding health and safety policies.
•Operate within the organisation’s policies in relation to equal opportunities and equality.
•Responsible for managing information in accordance with the organisation’s information management guidelines. Ensure that personal information is treated in accordance with Data Protection legislation.
•Commitment to reducing carbon emissions in accordance with the Carbon Management Plan, and to encourage others to act positively towards reducing the organisation’s carbon footprint.
•Undertake any other reasonable duty which corresponds to the salary level and responsibility level of the job.
•Responsibility to report any concern or suspicion that a child or vulnerable adult is being abused.
Special circumstances
•As Traffic Wales operates on a 24-hour, 7-day-a-week basis, it will be necessary to work unsocial hours and weekends from time to time, with payment provided in accordance with the terms and conditions of employment
•Emergency calls will be the subject of a specific discussion
