Title: OT Security Specialist
Reference No: 2163
Company: FTSE 100
Reports to OT and Manufacturing Security Manager
Location: London
Working Pattern 37.5 hours per week, Monday – Friday. Location: London/Peterborough, with potential travel to divisional sites as required by advisory engagements (hybrid working arrangements in place).
Salary: £59,000 - £72,000
Benefits Bupa, Matched pension contributions.
The Role
Group Cyber Security Overview
The Group Cyber Security (GCS) team is responsible for managing cyber risk appropriately across the Group and has recently refreshed its cyber strategy, with a renewed focus on embedding cyber security as part of the culture and DNA. The Group operates a highly federated business model spanning 11 divisions and over 50 countries, and the cyber strategy has been designed to build materially improved security capabilities whilst working with a divisional focus.
It is an exciting time to join GCS. We are in a period of significant investment, with a multi-year transformation programme under way to build new security capabilities at pace. The business, whose resilience depends on keeping production lines running, plants safe, and supply chains intact, the security of operational technology is fundamental.
The OT and Manufacturing Security team sits at the heart of that mission – setting the Group OT security standard, driving improvement across the global manufacturing estate, and ensuring that the people, processes, and technologies running the plants are protected against an evolving threat landscape.
Role Summary
Reporting to the OT and Manufacturing Security Manager, the OT Security Specialist is a hands-on technical expert who provides specialist OT security knowledge, assessment capability, and practical delivery support across the manufacturing and operational technology environments. The role sits close to the operational reality of its plants – engaging directly with divisional engineering teams, system owners, and plant management to assess OT security risks, support the implementation of security controls, and build security awareness in communities who may not have a traditional cyber background.
The OT Security Specialist combines deep technical knowledge of OT environments – SCADA, ICS, PLCs, DCS, and the protocols that connect them – with a practical understanding of how security improvements must be designed and sequenced to respect the availability, safety, and operational constraints of manufacturing environments. This is not a purely desk-based role: it requires regular site visits, direct engagement with plant engineers, and the ability to earn trust in a world where cyber security may be seen as a new and sometimes unwelcome intrusion.
The role supports the OT and Manufacturing Security Manager across the full range of OT security activities – from risk assessment and vulnerability management, through Claroty deployment and monitoring, to incident response support and the delivery of OT-specific security awareness programmes. The OT Security Specialist is a critical delivery resource within the team and a key technical interface between Group Cyber Security and the operational and engineering communities.
Role Responsibilities / Accountabilities
OT Security Assessment & Risk Management
• Conduct OT security assessments and risk reviews across the manufacturing sites and divisional OT environments; identify security gaps, assess risk against the Group OT security standard, and produce clear, risk-prioritised findings with practical remediation recommendations appropriate for the operational context.
• Support divisional teams in understanding and implementing OT security risk assessments; provide technical guidance on risk assessment methodology appropriate for OT environments, including consequence-based analysis that accounts for physical safety, process continuity, and environmental implications.
• Maintain and update the Group OT risk register in collaboration with the OT and Manufacturing Security Manager; track remediation activity against identified risks, monitor progress, and flag where risks are not being addressed within agreed timescales.
OT Vulnerability Management
• Monitor OT-specific vulnerability intelligence sources and vendor security advisories; assess the applicability and risk of vulnerabilities to the OT estate, and develop practical remediation or mitigation guidance that acknowledges the constraints of OT patching cycles and change management processes.
• Communicate vulnerability findings and recommended actions to divisional engineering teams and system owners in a form they can understand and act on; track remediation or compensating control implementation through to closure.
• Support the management of OT-relevant projects across the Group estate; review project proposals and change requests for security implications, provide technical OT security input to design reviews, and assure that security controls are implemented as intended.
OT Monitoring & Claroty Platform Support
• Support the deployment and ongoing operation of Claroty across the manufacturing sites; configure asset discovery and network monitoring capabilities, validate that the platform is providing accurate and complete OT asset inventory, and ensure that monitoring coverage extends to all in-scope environments.
• Manage and review OT security monitoring alerts from Claroty and other OT monitoring tooling; investigate anomalous activity, assess severity and operational impact, and escalate confirmed or suspected incidents to the OT and Manufacturing Security Manager and the SOC in line with the Group incident response process.
• Support integration of OT monitoring outputs into the Group SOC operational workflow; work with the SOC and Security Platform Engineering Manager to ensure that OT alerts are correctly classified, enriched, and handled by SOC analysts who may have limited OT context. This may include assisting with Playbooks and service design.
Divisional Engagement & Technical Guidance
• Engage directly with divisional engineering teams, plant managers, system owners, and BISOs to provide technical OT security guidance and practical support; build trusted working relationships with operational and engineering communities who may have limited prior exposure to cyber security, and develop a reputation as a helpful, knowledgeable, and operationally aware partner.
• Provide technical review and guidance on OT network architecture, IT/OT segmentation, secure remote access design, and system integration proposals; identify security concerns at the design stage and work constructively with engineering teams to address them without impeding operational delivery.
• Support the management of OT third-party relationships; assist in assessing the security posture of OT suppliers, system integrators, and remote maintenance providers, and ensure that access controls, network segmentation, and contractual security requirements are appropriately applied and enforced.
Incident Response Support & Crisis Readiness
• Provide technical OT security expertise in the event of a cyber incident affecting manufacturing or OT environments; support the OT and Manufacturing Security Manager and the Group incident response team with OT-specific situational awareness, technical analysis, and advice on response options that balance security with operational and safety imperatives.
• Support the development and maintenance of OT cyber incident response plans and playbooks; contribute to the design of OT-specific crisis exercises and help ensure that divisional engineering and operations teams are prepared to respond effectively when needed.
Awareness, Training & Continuous Improvement
• Develop and deliver OT-specific security awareness and training content for operational, engineering, and plant management audiences; create materials that are relevant, accessible, and appropriate for people whose primary expertise is engineering rather than cyber security.
• Stay current with developments in OT cyber security – emerging threats, vendor advisories, ICS-CERT publications, regulatory developments – and bring relevant intelligence to the OT and Manufacturing Security Manager in a timely and structured way.
Experience, Knowledge, Skills & Attributes Essential Desirable
Experience
• 5+ years in cyber security, with at least 3 years of hands-on experience in OT, ICS, or manufacturing security roles within an industrial or manufacturing organisation.
• Demonstrable, hands-on experience of real OT environments – SCADA, ICS, PLCs, DCS, or HMI – sufficient to engage credibly with plant engineers and system owners, and to make practical security recommendations that respect operational constraints and safety requirements.
• Experience conducting OT security assessments or risk reviews, producing structured findings reports, and providing remediation guidance appropriate for the operational context.
• Experience working directly with OT vulnerability intelligence sources and developing remediation or mitigation guidance that accounts for OT patching constraints and change management requirements.
• Experience engaging directly with engineering, operations, or plant management teams to deliver security guidance, conduct site assessments, or provide security design input to OT projects.
Knowledge & Skills
• Solid technical knowledge of OT environments: SCADA, ICS, DCS, PLCs, HMI systems, and OT-specific protocols including Modbus, OPC-UA, DNP3, and Profinet; able to interpret architecture diagrams, network designs, and vendor documentation for these environments.
• Working knowledge of OT security frameworks and standards: IEC 62443, NIST SP 800-82, and the Purdue Model; understanding of IT/OT network segmentation principles and common secure architecture patterns for OT environments.
• Understanding of OT asset discovery and network monitoring concepts; familiarity with passive and active monitoring approaches and the considerations for deploying monitoring tools safely in live production environments.
• Strong interpersonal and communication skills; able to build trust with engineering and operational teams who may be unfamiliar or initially sceptical of cyber security, and to explain technical security concepts clearly to non-security audiences.
• Genuine understanding of the safety-security interface: able to design and recommend security measures that do not compromise plant safety, process integrity, or operational availability.
Qualifications
• Degree-level education in engineering, computer science, information security, or a related technical discipline; or equivalent professional experience.
• Professional certification in OT or cyber security: GICSP, ISA/IEC 62443 CCST, CompTIA Security+, or equivalent. Experience
• Experience in a large FMCG, food and beverage, sugar, agricultural, or consumer goods manufacturing organisation, with direct exposure to food-grade, hygiene, or continuous process manufacturing environments.
• Hands-on experience deploying or configuring an OT network monitoring or CAASM platform (e.g. Claroty, Dragos, Nozomi Networks) in a live production environment.
• Experience providing OT security input to a significant manufacturing technology project, OT upgrade, or new site build, including design review and security requirements definition.
• Experience supporting or participating in an OT cyber security incident response, including real-time technical analysis and communication to operational stakeholders under pressure.
Experience, Knowledge, Skills & Attributes Desirable
Experience
• Experience in a large FMCG, food and beverage, sugar, agricultural, or consumer goods manufacturing organisation, with direct exposure to food-grade, hygiene, or continuous process manufacturing environments.
• Hands-on experience deploying or configuring an OT network monitoring or CAASM platform (e.g. Claroty, Dragos, Nozomi Networks) in a live production environment.
• Experience providing OT security input to a significant manufacturing technology project, OT upgrade, or new site build, including design review and security requirements definition.
• Experience supporting or participating in an OT cyber security incident response, including real-time technical analysis and communication to operational stakeholders under pressure.
Knowledge & Skills
• Familiarity with a specific OT vendor ecosystem relevant to the manufacturing estate (e.g. Siemens, Rockwell Automation, Schneider Electric, ABB, or Honeywell) and the security implications of their platforms and architectures.
• Understanding of IT/OT convergence considerations arising from IIoT and Industry 4.0 deployments, and awareness of the new attack surfaces these introduce in manufacturing environments.
• Working knowledge of the broader IT security estate (Microsoft E5, Defender suite, Zscaler) and the considerations that arise when extending IT security controls into OT network zones.
• Awareness of health, safety, and environmental (HSE) regulatory frameworks as they intersect with OT security, and an appreciation of the physical safety and environmental consequences that can result from cyber incidents in manufacturing environments.
Qualifications
• ISA/IEC 62443 Cybersecurity Certificate or higher level qualification in OT security.
• CISSP or CISM for those looking to develop broader security leadership credentials alongside their OT specialism.
• Membership of a relevant professional body or industry group (CIISec, IET, ISA, BCS) is welcome.