OT Cyber Security Consultant

Home based with travel to Glasgow and UK-wide customer sites

Are you an OT/ICS cyber specialist who enjoys getting hands-on with red team activities in critical industrial environments? Do you want role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response? Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing?

• 28 days holiday plus bank holidays
• Flexible working
• Pension scheme
• Life assurance policy
• Private health care
• Salary sacrifice programme
• Mental health assistance programme
• Cycle to work scheme
• Green car scheme
• Support in achieving or maintaining chartered status (e.g. IET, BCS, CIISEC) with professional membership fees covered

• Delivering OT-focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises
• Planning and executing security assessments and incident response exercises in OT/ICS environments
• Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICs
• Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses
• Supporting risk assessments and compliance against standards such as IEC 62443, NIST SP800-82 and NIS-R
• Helping deploy, configure and maintain OT cybersecurity and security monitoring solutions
• Contributing to crisis simulations, incident response plans and cybersecurity awareness training
• Preparing reports, documenting findings and recommending improvements to strengthen cyber resilience
• Supporting proposal development and wider service delivery documentation

You'll be joining a long-established advanced systems integrator focused on operational technology and digital transformation. They deliver complex, business-critical projects across highly regulated industrial sectors including energy, water, renewables and manufacturing, helping clients optimise performance and manage cyber risk at scale.

• A degree in Engineering, Computer Science or a related discipline, plus around 35 years' practical cyber security experience
• Hands-on experience in offensive security (penetration testing, vulnerability assessment, adversary simulation)
• Working knowledge of ICs/OT environments (e.g. SCADA, PLCs, RTUs) and securing IT/OT interfaces
• At least one relevant ICs/OT certification (e.g. SANS GICSP, SANS GRID, or IEC 62443)
• Familiarity with ICs protocols (MODBUS, OPC, DNP3) and core network security principles (switching, routing, firewalls)
• Experience deploying or supporting OT cybersecurity solutions and monitoring tools
• Ability to develop attack scenarios and validate security posture against recognised frameworks (e.g. NIST 800-53/82, IEC 62443)
• Exposure to incident response, including testing and improving detection and response capabilities
• Strong communication and stakeholder engagement skills, comfortable with both technical and non-technical audiences
• Eligible for UK Cyber Security Council Practitioner registration (or close to it SFIA Level 4)
• Eligible for SC clearance

We appreciate your CV may not be up to date. No problem, just apply and we can deal with that later.

Important Information: We endeavour to process your personal data in a fair and transparent manner. In applying for this role, Russell Taylor will be acting within your interest and will contact you in relation to the role, either by email, phone or text message. For more information see our on our website. It is important you are aware of your individual rights and the provisions the company has put in place to protect your data. If you would like further information on the policy or GDPR please get in touch with us