Cyber Security Consultant (SC Cleared) – Maritime OT Specialist
* 📍 Location: Bath / Bristol (BMT Group offices) – Highly Flexible Hybrid
* 🚀 Start Date: ASAP
* 📅 Contract Duration: 6 months rolling (4-year project lifecycle)
* 💰 Rate: Up to £650/day - Inside IR35
* 🔐 Clearance: Active SC Clearance Required
⚓ The Role in a Nutshell
This isn't a standard \"web and database\" security role. You will be protecting the physical nervous system of the UK’s newest, most prestigious naval ship design programme.
You will secure the Operational Technology (OT) and Industrial Control Systems (ICS) that manage everything from propulsion and cargo cranes to fuel handling and HVAC. This is a high-level design, accreditation, and systems engineering role, ensuring the blueprints of the fleet are resilient against sophisticated threats.
🛠️ Key Responsibilities
* Systems Engineering Approach: Analyse block diagrams of ship engines, weapon systems, and utility controls to identify deep-seated security vulnerabilities.
* Accreditation Leadership: Own the RMADS (Risk Management Accreditation Document Sets) process, ensuring compliance with JSP 440/604.
* Risk Assessment: Conduct comprehensive cyber risk assessments (threats, vulnerabilities, controls) specifically for interconnected IT, OT, and Combat Systems.
* Documentation: Develop and review Treatment, Implementation, and Assurance Plans, alongside Gap Analysis.
* Testing & Assurance: Define security testing protocols and participate in FAT (Factory Acceptance Testing) and SAT (Site Acceptance Testing).
* Stakeholder Advice: Act as the technical authority, providing cyber security guidance to BMT’s design and engineering teams.
🎯 Required Skills & Experience
✅ Essential (The Filter)
* OT & Combat Systems: Proven experience with Operational Technology, specifically PLCs, Sensors, and Actuators within a maritime, aerospace, or heavy industrial context.
* MoD Accreditation: Deep familiarity with UK MoD security policies and the delivery of RMADS.
* Industrial Protocols: Hands-on awareness or experience with Siemens S7 PLCs and protocols such as Modbus, Profinet, or CANbus.
* Network Architecture: Ability to dissect and secure complex network architectures that bridge the gap between IT and OT.
* Technical Writing: Ability to produce high-quality, MoD-standard technical documentation.
➕ Desirable
* Project Experience: Previous involvement in major naval programmes (e.g., Type 26, Type 31).
* Security Tools: Exposure to SIEM, IDS, Firewalls, and Encryption technologies within an industrial environment.
* Penetration Testing: Experience scoping or performing pen-tests on non-standard hardware.
🎓 Qualifications (Desirable)
* CISSP / CISM
* SANS / GIAC (specifically GICSP or GCIP)
* CompTIA Network+ / CySA+
🛡️ Security & Compliance
* Must hold an Active SC Clearance.