Information Security Analyst jobs in United Kingdom

Home based with travel to Staffordshire and UK‑wide customer sites

Are you an OT/ICS cyber specialist who enjoys getting hands‑on with red team activities in critical industrial environments?

Do you want a role that mixes penetration testing, threat emulation and resilience validation with security architecture and incident response?

Would you like to help major UK operators strengthen their cyber resilience across energy, water, renewables and manufacturing?

• Fantastic basic salary
• 28 days holiday plus bank holidays
• 6.5% pension scheme
• Life assurance policy
• Private health care
• Green car scheme
• Support in achieving or maintaining chartered status (e.g. IET, BCS, CIISEC) with professional membership fees covered

• Delivering OT‑focused red team activities with specialist partners, including penetration testing, adversary simulation and incident response exercises
• Planning and executing security assessments and incident response exercises in OT/ICS environments
• Developing and implementing attack scenarios and detection use cases using frameworks such as MITRE ATT&CK for ICS
• Performing vulnerability assessments, threat modelling and attack path analysis to identify and address security weaknesses
• Supporting risk assessments and compliance against standards such as IEC 62443, NIST SP800‑82 and NIS‑R
• Helping deploy, configure and maintain OT cybersecurity and security monitoring solutions
• Contributing to crisis simulations, incident response plans and cybersecurity awareness training
• Preparing reports, documenting findings and recommending improvements to strengthen cyber resilience
• Supporting proposal development and wider service delivery documentation

You’ll be joining a long‑established advanced systems integrator focused on operational technology and digital transformation. They deliver complex, business‑critical projects across highly regulated industrial sectors including energy, water, renewables and manufacturing, helping clients optimise performance and manage cyber risk at scale.

• A degree in Engineering, Computer Science or a related discipline, plus around 3–5 years' practical cyber security experience
• Hands‑on experience in offensive security (penetration testing, vulnerability assessment, adversary simulation)
• Working knowledge of IC/OT environments (e.g. SCADA, PLCs, RTUs) and securing IT/OT interfaces
• At least one relevant IC/OT certification (e.g. SANS GICSP, SANS GRID, or IEC 62443)
• Familiarity with IC protocols (MODBUS, OPC, DNP3) and core network security principles (switching, routing, firewalls)
• Experience deploying or supporting OT cybersecurity solutions and monitoring tools
• Ability to develop attack scenarios and validate security posture against recognised frameworks (e.g. NIST 800‑53/82, IEC 62443)
• Exposure to incident response, including testing and improving detection and response capabilities
• Strong communication and stakeholder engagement skills, comfortable with both technical and non‑technical audiences
• Eligible for UK Cyber Security Council Practitioner registration (or close to it – SFIA Level 4)
• Eligible for SC clearance

We appreciate your CV may not be up to date. No problem, just apply and we can deal with that later.