OT Cyber Security Consultant

Hybrid role (few days a week/month in London)

Paying between £60,000 - £70,000 per annum DOE

* Please note this role requires you to either hold or be eligible for Security Clearance

An established and growing cyber security consultancy is looking to appoint an OT Cyber Security Consultant to support complex, safety-critical environments across critical national infrastructure.

This role sits within a specialist OT security team and focuses on assessing, assuring, and improving the cyber resilience of industrial and operational technology systems. You’ll work at the intersection of control & instrumentation engineering and cyber security, helping clients implement practical, standards-aligned security controls that are proportionate, defensible, and effective.

You’ll be involved in delivering end-to-end OT security assurance, from early design support through to operational assessments, helping asset owners and delivery partners demonstrate robust security across the system lifecycle.

• Perform OT and ICs cyber security risk assessments covering operational assets and enabling systems
• Assess the security of OT solutions developed by system integrators and supply chain partners
• Define and refine cyber security requirements to support secure OT system design and deployment
• Review architectures, network segmentation, and security controls across PLC, SCADA, DCS, and C&I environments
• Support alignment with regulatory, legislative, and industry frameworks, particularly in highly regulated sectors
• Contribute to security cases, assurance evidence, and supporting documentation
• Work closely with engineering, safety, IT, and governance teams to deliver joined‑up security outcomes
• Support the development of internal OT security frameworks, guidance, and capability

• Circa 5 years’ experience in OT/ICS cyber security or Control & Instrumentation engineering with a security focus
• Strong understanding of industrial control system architectures and OT networking
• Experience contributing to cyber risk assessments, security evaluations, or assurance activities
• Knowledge of relevant standards and frameworks (e.g. IEC 62443, NCSC CAF, NIST 800-82, ISO 27001/27019)
• Ability to produce clear, structured written outputs translating technical risk into actionable recommendations
• Experience with in civil nuclear, energy, or other regulated critical infrastructure sectors
• Exposure to safety systems and integration of cyber security into safety cases
• Understanding of OT threat landscapes, incident response, or monitoring solutions
• Relevant certifications such as GICSP, IEC 62443, CISSP, CISM, or equivalent