Senior OT Security Consultant
Who are we looking for?
Due to increasing demand for the Operational Technology (OT) Cyber Security services provided by Bridewell, we are seeking a Senior Consultant to join our OT Cyber Security team of industry leading experts.
You will ideally be a client facing consultant with a high-level of experience and expertise in both Cyber Security and Operational Technology (OT).
What you'll be doing
The role sits within our OT Cyber Security team, which is part of the wider consulting practice in Bridewell.
The majority of our clients are part of the UK's critical national infrastructure, in sectors such as energy, water, and aviation. We also have clients in manufacturing, who often have a heavy reliance upon OT. Your primary focus will be delivery of OT Cyber Security services to our clients.
The services we provide are varied and interesting, and include:
Transitioning clients to a position of mature Cyber Security & resilience, sometimes from a starting point of minimal security maturity.
Supporting clients to implement frameworks, standards, and guidance, including ISA/IEC62443, NCSC CAF, NIST SP 800-82, HSE OG86.
Helping clients to understand their attack vectors that could be exploitable by threats.
Designing secure OT network architectures and perimeter defences.
Designing OT remote access solutions.
Designing OT cloud data centre solutions.
Delivery of innovative security solutions to overcome security limitations of older OT systems.
Supporting the selection and development of security solutions and technologies.
What we're looking for
You will have:
Excellent verbal communication skills with the ability to engage confidently with a variety of different stakeholders, including engineers and senior management.
Deep understanding of common OT cyber security controls and approaches.
Delivered Cyber Security solutions for OT systems across all levels of the Purdue Enterprise Reference Architecture (PERA) model.
Experience in operating within industrial environments (including familiarity with common management of change procedures, as well as FAT & SAT).
Experience in applying innovative solutions to overcome common Cyber Security challenges in OT environments, including IdAM limitations, lack of message authentication in OT protocols, and complexities with the application security updates.
Ability to understand and articulate the impacts of cyber security events in various OT environments.
Understanding of the different priorities of cyber security in OT vs IT.
Strong understanding and knowledge of performing cyber risk assessments.
Demonstrable knowledge of cyber security frameworks, including but not limited to ISA/IEC 62443, NCSC CAF, NIST SP 800-82, HSE OG86, and ISA TR84.
Ability to understand and interpret process control and single-line diagrams.
Experience of designing and implementing enterprise security.
Awareness and understanding of the OT security threat landscape.
Broad understanding of a range of computer operating systems.
Strong network and network security capabilities.
Very strong understanding of SCADA and PLC technologies.
Very strong technical authoring capabilities.
Experience of cloud platforms is advantageous.
What's in it for you?
Our vision is to create a safe, inclusive digital world where people and organisations can thrive. Our values of 'Do the Right Thing', 'One Team' and 'Above and Beyond' emphasises the importance of the part we play in society, and our commitment to our people and clients. Our story to-date has been phenomenal, but success doesn't end here and as we continue to grow and scale, we want to keep the same culture, passion and commitment to high quality that has enabled us to get this far. Bridewell will provide a great career opportunity with continual development as well as the following:
25 Days Holiday - plus buy and sell options
Flexible working (around core office hours)
Employee shareholder scheme
Dedicated training budget
Home office equipment (for remote working employees)
Private healthcare (incl. gym discounts)
Birthday off (after 1 year)
About Bridewell
One of the most exciting prospects in the UK cyber security sector today, Bridewell is one of the fastest growing cyber security services businesses with a strong track record for delivering complex security projects and providing excellent customer service. Bridewell has an exciting and varied portfolio of clients across financial services, manufacturing, oil & gas, government, critical national infrastructure and more. Bridewell holds the gold level Investors in People award which we feel solidifies and reflects on the outstanding calibre that makes us truly 'One Team'.
Along with our focus on our people, we also have a big focus on sustainability and recognise the role we play in the fight against climate change. Today, Bridewell is proud to be a carbon negative business.
Location: Bridewell operates a hybrid and flexible working policy; however, you will be required to travel to different sites on occasion, including heavy industrial facilities.
Note: To be eligible for this job you must either hold SC or be eligible and willing to go through security clearance.
Bridewell values diversity in the workplace and is a fair and equal opportunity employer. We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.
