Senior Digital Solutions Consultant (Cyber Security)

• **We deliver the world’s most complex projects.**
• **Work as part of a collaborative and inclusive team.**
• **Enjoy a varied \& challenging role.**

• *Building on our past. Ready for the future**

Worley is a global professional services company of energy, chemicals and resources experts headquartered in Australia.

Right now, we’re bridging two worlds as we accelerate to more sustainable energy sources, while helping our customers provide the energy, chemicals and resources that society needs now.

We partner with our customers to deliver projects and create value over the life of their portfolio of assets. We solve complex problems by finding integrated data\-centric solutions from the first stages of consulting and engineering to installation and commissioning, to the last stages of decommissioning and remediation. Join us and help drive innovation and sustainability in our projects.

• *Primary Objectives**

We are seeking a highly experienced and strategic Senior OT Cybersecurity Engineer to join our team. In this role, you will be responsible for designing, implementing, and overseeing comprehensive cybersecurity solutions for operational technology (OT) environments, including SCADA systems, PLCs, and industrial control systems. You will lead the development of security architectures, conduct vulnerability assessments, and facilitate the implementation of security controls in accordance with industry standards and regulatory requirements. Candidates should possess extensive experience in OT/ICS security, SCADA system architecture, industrial control protocols, and network segmentation, with a proven track record of safeguarding critical infrastructure, mining, and Oil\&Gas production environment.

• *The Role**

• **As a Senior Digital Solutions Consultant with Worley*** , you will work closely with our existing team to deliver projects for our clients while continuing to develop your skills and experience etc.

• Design, develop, and implement comprehensive cybersecurity architectures for operational technology environments in compliance with industry standards and client requirements
• Conduct security assessments, threat modelling, and risk analysis of SCADA systems, PLCs, and industrial control networks.
• Lead the implementation of security controls, including network segmentation, access controls, and defence mechanisms across OT infrastructure.
• Develop and implement OT cybersecurity policies, procedures, and standards aligned with regulatory requirements and best practices.
• Perform vulnerability assessments and manage contractors to perform penetration testing on industrial control systems and provide remediation recommendations.
• Design and oversee the deployment of anomaly\-detection and security\-monitoring solutions for OT environments.
• Provide technical guidance and mentorship to cybersecurity and OT engineering teams on security best practices and emerging threats.
• Collaborate with operational teams to ensure security implementations maintain system availability and performance.
• Review and assess third\-party OT systems, devices, and integration designs for security compliance and alignment with company standards.
• Manage and coordinate security patch management, firmware updates, and security hardening across OT systems.

• *Other Responsibilities**

• Lead incident response and forensic investigation activities for security events in operational technology environments.
• Prepare comprehensive security reports, risk assessments, and presentations for senior management and stakeholders.
• Liaise with vendors, integrators, and external consultants to ensure security requirements are met throughout the project lifecycle.
• Assist in new tenders, RFPs, and contract negotiations by providing technical security assessments and recommendations.
• Stay current with emerging OT cybersecurity threats, vulnerabilities, and mitigation strategies through continuous professional development.
• Maintain compliance with all relevant Australian and international health, safety, environmental, quality, and cybersecurity legislative requirements.

• *Other Attributes**

• Expert verbal and written communication skills with the ability to convey complex security concepts to both technical and non\-technical audiences.
• Demonstrated ability to work under pressure, manage competing priorities, and maintain focus on accuracy and attention to detail in security\-critical environments.
• Able to maintain strong relationships with senior management, vendors, and peers while pushing for positive schedule, quality, and strategic outcomes.
• Ability to maintain confidentiality and protect sensitive security information and intellectual property.
• Highly organised, reliable, hands\-on team player with the ability to lead cross\-functional security initiatives.
• Ability to effectively manage own time and ability to work overtime when necessary.
• Enthusiastic, proactive, open, service\-minded and spontaneous working attitude and communication style.
• Proficiency and commitment to thoroughness in security assessments and implementations.
• Proactive, innovative, and forward\-thinking approach to emerging security challenges and technology advancements.
• Relevant security certifications highly desired (CISSP, GICSP, ISA/IEC 62443 Cybersecurity Expert, or equivalent).
• Strong project management capabilities and experience managing security budgets and resource allocation.

Demonstrated expertise in writing risk and threat assessment reports and conducting workshops with clients.

• *About You**

To be considered for this role it is envisaged you will possess the following attributes:

• Bachelor of Engineering in Electrical, Communications, Control Systems or equivalent degree.
• At least 10 years of experience in operational technology (OT) systems, industrial control systems (ICS), or SCADA environments.
• At least 10 years of experience in a consultancy role for major clients in Australia and abroad.
• At least 5 years of experience in leading teams of at least 3 consultants in a project environment and managing inter\-office work.
• At least 10 years of experience in engineering design of green\- and brownfield projects with operational technology (OT) systems, industrial control systems (ICS), or SCADA environments. Full design project lifecycle from FEED to handover.
• At least 5 years of experience in a senior cybersecurity role specifically focused on OT/ICS security, risk and threat assessment, and security architecture design.
• Knowledge of industrial control systems, including PLC programming, SCADA platforms, and distributed control systems (DCS).
• Comprehensive understanding of industrial protocols (Modbus, Profibus, EtherCAT, OPC, DNP3\) and network segmentation strategies.
• Strong knowledge of OT cybersecurity frameworks and standards (ISO 27001, NIST CSF and SPs Frameworks, ISA/IEC 62443, SOCI Act), and their implementation and integration to engineering design.
• Demonstrated expertise leading security assessments, penetration testing, and vulnerability management in operational technology environments.

Advanced proficiency in Python, SQL, and scripting languages for security automation and analysis.

• *Moving forward together**

We want our people to be energized and empowered to drive sustainable impact. So, our focus is on a values\-inspired culture that unlocks brilliance through belonging, connection and innovation.

We’re building a diverse, inclusive and respectful workplace. Creating a space where everyone feels they belong, can be themselves, and are heard.

And we're not just talking about it; we're doing it. We're reskilling our people, leveraging transferable skills, and supporting the transition of our workforce to become experts in today's low carbon energy infrastructure and technology.

Whatever your ambition, there’s a path for you here. And there’s no barrier to your potential career success. Join us to broaden your horizons, explore diverse opportunities, and be part of delivering sustainable change.

Worley takes personal data protection seriously and respects EU and local data protection laws. You can read our full Recruitment Privacy Notice Here .

Please note: If you are being represented by a recruitment agency you will not be considered, to be considered you will need to apply directly to Worley.