OT Cyber Security Analyst

OT Cyber Security Specialist (SC Cleared)

Contract: 12 months
Location: 2 days per week onsite (London or Capenhurst)
Industry: Industrial / Utilities / Nuclear
Clearance: Must hold active SC clearance
Start: ASAP/Jan

Rate - £(Apply online only)/day inside IR35

• Purpose of the Role

The OT Cyber Security Specialist will support the design, development, integration, and delivery of OT security controls as part of a wider OT Cyber Security Enhancement Programme. The role reports to the Head of OT Cyber Security & Cyber Assurance, with matrix reporting to the OT Security Programme Manager, and sits within the Group Information Security Department.

The successful candidate must be experienced in developing OT cyber security procedures, maintaining and embedding Cyber Security Management Systems (CSMS), creating technical documentation, and delivering training and awareness activities.

• Key Accountabilities
• 1. Programme Support and Delivery

• Develop and update site management system procedures to align with OT Cyber Security Standards.
• Amend existing procedures based on OT security review findings, embedding improvements in the global CSMS.
• Collaborate with site Information Security Managers to integrate changes and support risk assessment refreshes.
• Coordinate and prioritise risk treatment activities in line with updated procedures.
• Support the OT Security Programme Manager in delivering control uplifts, including documentation updates.

Performance Indicators

• Increased alignment of OT security strategy with programme objectives.
• Adoption and integration of policies, standards, and procedures across sites.
• Reduction in identified OT security risks.
• Clear documentation of technical and business requirements for risk mitigation.

• 2. Gap Analysis & Risk Assessment
• Lead gap assessments against the OT cyber security standard and global OT risk framework.
• Define risk mitigation requirements in collaboration with engineering, local security, and technical teams.
• Work with engineering, design authority, IT, site ISMs, and maintenance teams to embed security controls in the project lifecycle.
• Support assurance reviews for new and existing projects to confirm compliance with reference architectures and security standards.
• Liaise with project teams and vendors to ensure risk considerations are embedded from design to deployment.

Performance Indicators

• Percentage of projects evaluated and approved on time.
• Successful incorporation of Security by Design principles.
• Time to resolve deviations from standards.
• Volume of compliance assessments conducted annually.

• 3. Security Awareness & Training

• Develop and support the delivery of a global OT security awareness campaign.
• Prepare and deliver tailored training materials to stakeholders across the OT governance structure.
• Work with marketing/communications to coordinate the rollout of security awareness materials.

Performance Indicators

• Effective design and delivery of the awareness programme.
• Number of training sessions delivered to OT security stakeholders.

• 4. Business Engagement & Communications

• Prepare and communicate assessment results, recommendations, guidance, and industry trends to operational and tactical stakeholders.
• Support KPI reporting and contribution of security performance metrics to leadership.

Performance Indicators

• Quality and relevance of stakeholder feedback.
• Timely delivery of KPI and programme reports.

• Job Requirements
• Vocational Qualifications (Preferred)

• Bachelor’s or Master’s degree in Automation, Robotics, Cyber Security, Computer Science, or related discipline.
• Relevant OT/IT cyber security certifications such as:
• ISA/IEC 62443 Series
• CISSP / CISM / CISA
• CEH
• GICSP
• CSSA

• Behavioural Competencies

• Strong collaboration and teamwork.
• Commitment to continuous improvement.
• Accountability and empowerment.
• Transparency, respect, and inclusivity.
• Strong focus on safety and integrity.
• Long-term, strategic thinking.

• Professional Skills

• Excellent written and verbal communication skills, able to tailor to technical and non-technical audiences.
• Proven experience delivering high-quality work independently or within cross-disciplinary teams.
• Strong stakeholder management and relationship-building skills.
• Effective problem-solving and collaboration capabilities.

• Technical Skills

Required:

• Minimum 3+ years OT Security experience within programme design/delivery or security engineering.
• Strong experience in procedural writing and documentation creation.
• Experience developing and maintaining Cyber Security Management Systems (CSMS).
• Proven application of security standards and best practices including NIST CSF, ISO 27001, IEC 62443, and NIS regulations.
• Strong understanding of OT systems, networks, architecture, protocols, and vulnerabilities.
• Experience in:
• Developing OT security procedures and processes.
• End-to-end risk assessment, management, and treatment.
• Conducting compliance assessments and assurance reviews.
• Translating business needs into technical specifications.
• Delivering training and awareness activities to promote a strong cyber security culture.

• Additional Requirements

• Must hold current SC clearance (essential).
• Must be able to work onsite 2 days per week in London or Capenhurst.
• Experience working in industrial, utilities, or nuclear environments is strongly preferred.