Location: Ebbw Vale, United Kingdom
Thales is a global technology leader with more than 83,000 employees on five continents. With over 7,500 people in the UK, operating across defence, space, aerospace, and digital security, we help build a future we can all trust. Thales supports the security and stability of our nation by providing extraordinary technology to our customers, as well as delivering social value to the UK with our products and services.
Technical Lead - OT Cyber Security
Location: Ebbw Vale, Reading, Crawley, Bristol, Templecombe, and Cheadle (any Thales office)
Other: permanent, full-time, hybrid, with 10-15% domestic & international travel
Step into a role where your OT cyber expertise shapes national‑level resilience and the future of secure industrial systems!
What the role has to offer
1. Enterprise-wide technical influence – shaping consequence informed, secure‑by‑design OT architectures, guiding adoption of cutting‑edge OT and AI‑enabled security technologies, and steering the evolution of Thales’ future OT cyber capabilities
2. Authoritative decision making – owning the final technical position on OT security designs, risks, and investments, strengthening national resilience and aligning product roadmaps with emerging trends
3. Innovation leadership – driving next‑generation OT security capabilities, modernising legacy estates, leveraging AI opportunities, and shaping Thales’ long‑term cyber resilience strategy
Our Opportunity
As our OT Cyber Security Technical Product Authority, you will take the lead in defining how advanced OT cyber capabilities are designed, assured, and evolved across some of the UK’s most complex and safety‑critical environments. You’ll be the organisation’s senior voice on OT security, setting the direction for architectures, standards, and engineering approaches that protect industrial control systems, SCADA platforms, process management technologies, and critical national assets.
You will provide authoritative leadership for consequence informed, secure‑by‑design OT systems, driving risk‑informed architectures and shaping organisational strategy through confident, evidence‑based decision making. Your influence will extend across senior stakeholders and multi‑vendor supply chains, ensuring suppliers meet rigorous expectations while advancing next‑generation OT resilience. By embedding a consistent, standards‑driven approach, you’ll strengthen governance, reduce cyber risk across essential services, and build long‑term architectural maturity.
We’re seeking someone with deep, hands‑on OT/ICS cyber security expertise—from SCADA and PLCs to industrial networking—supported by strong knowledge of standards such as IEC 62443 and NIS2. You will bring Technical Authority‑level judgement to steer complex engineering programmes, model consequence‑based risks, analyse threats, and define secure architectures with confidence, while communicating clearly with senior leaders and constructively challenging suppliers. This role is for those with genuine OT experience, not purely IT or cloud backgrounds; you’ll understand real‑time, safety‑critical environments and the realities of industrial processes. Whether your background is in energy, transport, advanced manufacturing, critical national infrastructure, control systems engineering, or industrial process sectors, you’ll bring the curiosity, resilience, and sound judgement needed to operate where your expertise shapes outcomes at a national level.
Building a Future, we can all trust.
Are you looking for the opportunity to directly shape and deliver world-class solutions to our customers? If so, then Engineering & Technical Management may be just the ticket. Whether focusing on leading large teams or working as a technical expert, roles in this area provide you with an opportunity to shape the world we live in today.
What we offer you
We offer a competitive salary and benefits package designed to support our employees’ wellbeing and professional growth, which includes:
4. Performance-related bonus
5. Half day every Friday, usually finishing around 13:00
6. 28 days annual leave (plus bank holidays) with opportunity to buy up to 40 hours/year (pro rata)
7. 24 hours volunteering paid for
8. Private healthcare
9. Pension scheme
10. Life cover
11. 24/7 Employee Assistance Program and access to mental wellbeing app
12. Employee discount shopping schemes on major brands and retailers
13. Gym membership discounts
Main Responsibilities
14. Act as the organisation’s Technical Authority for OT cyber security, owning architectures, standards, and design patterns
15. Provide authoritative design assurance and approve OT system designs across the full lifecycle
16. Develop secure‑by‑design architectures for ICS/SCADA, PLCs, HMIs, historians, and OT networks
17. Lead consequence‑informed risk assessments, threat modelling, and vulnerability analysis
18. Govern product selection, configuration baselines, and secure deployment of OT security tooling
19. Oversee assurance activities including design reviews, penetration testing, red teaming, and supplier audits
20. Influence senior stakeholders on investment decisions, risk acceptance, and architectural direction
21. Drive continuous improvement by evolving OT security capabilities and developing scalable, modernised OT architectures
About You
At Thales, we are committed to equal opportunities and welcome all talented individuals to consider joining our team. So even if you don't match every statement below but feel you have some of the experience, knowledge or skills needed for this role, we encourage you to apply. It will take all of us working together to deliver solutions to the world’s most critical challenges.
Essential:
22. Degree in Cyber Security, Computer Science, Electrical Engineering, Control Systems Engineering, or a related technical field
23. Proven experience acting as a Technical Authority, Design Authority, or equivalent senior engineering role
24. Proven deep OT/ICS cyber expertise across SCADA, PLCs, DCS, BMS, industrial networking, and key protocols (e.g., Modbus, DNP3, OPC, Profinet)
25. Demonstrated understanding of consequence‑based risk models, safety‑critical dependencies, and secure‑by‑design principles
26. Proven hands‑on experience with OT security tooling, including monitoring, segmentation, asset discovery, and secure remote access
27. Demonstrated proficiency with OT monitoring platforms (e.g., Nozomi, Claroty, Dragos) and network analysis tools (e.g., Wireshark, Zeek)
28. Acquired strong knowledge of IEC 62443, NIS/NIS2, NCSC CAF, ISO 27001/27019, and relevant sector regulations
29. Demonstrated ability to lead security risk assessments, mitigation activities, and assurance processes
30. Proven experience applying cyber security to OT, IoT, or embedded environments
31. Demonstrated communication skills, translating complex concepts for senior stakeholders
32. Proven ability to lead complex technical decisions, challenge suppliers, and provide defensible recommendations
33. Proven ability to build trusted relationships with senior stakeholders and maintain a strong external network
34. A strong commitment to continuous learning and professional development
Desirable:
35. Postgraduate degree (MSc/MEng) in Cyber Security, Systems Engineering, Industrial Automation, or a related field
36. Experience in regulated OT environments such as defence, healthcare, policing, utilities, manufacturing, or critical infrastructure
37. Professional certifications such as GICSP, GRID, ISA/IEC 62443, CISSP, or CISM
38. Motivated by contributing to a safer, more secure world through Cybersecurity & Trust
If you’re ready to lead, influence, and engineer the next generation of OT cyber security, we’d love to receive your application.
Security Clearance Statement
Due to the nature of the work that we do at Thales, many of our roles are subject to security restrictions. This role requires Security Clearance (SC). It would be advantageous if currently held, however, if not currently held, it is a requirement that the successful applicant undergo, achieve, and maintain SC Clearance prior to commencing employment.
To be eligible for full SC, you generally need to have resided in the UK for the last 5 years. In some circumstances, a minimum of 3 years’ residence in the UK over the last 5 years may be accepted, with additional overseas checks.
Please visit the UKSV website for further guidance: .
#LI-VG1
At Thales, we ensure equal opportunities, pay and working conditions for all. The benefits we offer include private medical insurance, buying or selling annual leave, cycle to work schemes, employee discounts, paid volunteering day, stocks and shares, annual bonus and much more depending on the role. Read more about our benefits here.
We are committed to creating a workplace where everyone feels valued for who they are and the unique strengths they bring. Discover more about our programmes, employee networks, wellbeing policies, and inclusive features here.
If this role isn’t quite right for you, we encourage you to join our talent community where your details will be shared with our recruitment teams for other potential opportunities. Join the Talent Community here.
Join Thales in the UK – Innovate with us and shape the future!