×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security Information Security Systems Analyst

Cyber Resilience Testing Lead

Job in Reading, Berkshire, RG1, England, UK
Listing for: Cyber UK
Full Time position
Listed on 2026-06-04
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Information Security, Systems Analyst
Salary/Wage Range or Industry Benchmark: 60000 - 80000 GBP Yearly GBP 60000.00 80000.00 YEAR
Job Description & How to Apply Below

As a Cyber Resilience Testing Lead, you will play a key role within the Information Security team at Thames Water, supporting the Head of Cyber Resilience in delivering technical cyber resilience testing and vulnerability management activities across both IT and OT environments. Working closely with cybersecurity leadership, service owners, and technical teams, you will help ensure vulnerabilities are effectively identified, assessed, remediated, and evidenced across the organisation.

This role contributes to Thames Water’s cyber resilience programme by providing technical assurance of defensive capabilities, supporting resilience testing initiatives, and ensuring vulnerability management processes are robust and effective. You will collaborate with stakeholders across the business to ensure testing and remediation activities are executed efficiently while maintaining high standards of documentation, reporting, and governance. Security Clearance: CTC (Counter Terrorist Check) clearance is essential.

You must currently hold or be able to attain CTC clearance for this role.

What you’ll be doing as a Cyber Resilience Testing Lead
  • Lead the technical validation of vulnerabilities, including severity assessment, exploitability analysis, and business impact evaluation across IT and OT environments.
  • Perform advanced triage of vulnerabilities using industry-standard methodologies such as CVSS.
  • Act as the technical escalation point for complex or disputed remediation plans, advising on compensating controls and risk acceptance.
  • Maintain and update the central vulnerability register, ensuring accurate tracking from identification through to remediation.
  • Assign ownership of vulnerabilities and track remediation progress to completion.
  • Collect and validate remediation evidence, ensuring audit-ready documentation.
  • Prepare reports and dashboards to support oversight by Cyber Resilience leadership.
  • Design and maintain the annual penetration testing and red/purple team testing schedule.
  • Review and validate testing outputs, including exploit paths and findings, ensuring technical accuracy.
  • Translate testing findings into actionable remediation plans in collaboration with SOC, architecture, engineering, and OT teams.
  • Support the coordination of penetration testing, red/purple teaming, and cyber stress testing activities.
  • Provide subject matter expertise during cyber incidents, supporting technical investigation and response.
  • Maintain readiness for regulatory compliance, ensuring testing and vulnerability evidence meets audit requirements.
  • Support broader cyber resilience initiatives through operational and administrative activities.
  • Maintain accurate records and contribute to reporting and regulatory submissions.

Base location – Hybrid – Clearwater Court, Reading.
Working pattern – 36 hours Monday to Friday.

What you should bring to the role
  • Experience in cybersecurity, vulnerability management, or related technical security roles.
  • Strong understanding of offensive security methodologies, including MITRE ATT&CK.
  • Ability to analyse penetration testing reports in depth and translate findings into control improvements.
  • Experience tracking vulnerability remediation and coordinating with stakeholders to ensure timely resolution.
  • Experience working within critical infrastructure, utilities, or public sector environments.
  • Strong organisational skills with the ability to manage multiple priorities and maintain accurate records.
  • Excellent communication and interpersonal skills to engage technical and non-technical stakeholders.
  • Ability to build strong working relationships and operate as a self‑starter.
Technical experience and skills
  • Familiarity with vulnerability management tools such as Service Now, Tenable, or similar platforms.
  • Knowledge of cybersecurity frameworks and standards such as ISO 27001, NIST, and CIS Controls.
  • Proficiency in reporting and data analysis tools such as Excel, Power BI, or equivalent.
  • Ability to validate vulnerabilities, interpret testing results, and support remediation planning.
Desirable qualifications and experience
  • Broader knowledge and experience within cybersecurity or information security.
  • Experience with ICT/OT…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search