Lead Incident Response Consultant – CNI & Industrial Cyber (Remote)
In an era where cyber threats have moved from data theft to physical disruption, the stakes for Operational Technology (OT) have never been higher. We are partnering with a well-regarded UK Cyber Security consultancy evolving their OT incident response practice.
This is a rare opportunity to own and develop a specialist OT Incident Response service line, bringing to market a proprietary vision of best practice that protects the utilities, transport, and energy systems the country relies on.
The Role
You will act as the technical authority and architect of the OT IR service. This is not just about closing tickets; it’s about building the playbooks, the methodology, and the team that responds when the lights go out.
* Serve as the Senior Incident Coordinator during high-stakes OT/ICS security events.
* Design and implement bespoke OT-specific IR playbooks, moving away from IT-standard responses to safety-first industrial methodologies.
* Act as a thought leader, advising C-Suite stakeholders at major CNI organisations on resilience and recovery.
* Shape the next generation of responders, bridging the gap between SOC analysts and field engineers.
What You'll Bring
* Deep understanding of ICS/SCADA environments and why rebooting is the last resort
* Hands-on experience with industrial protocols such as Modbus or DNP3 and OT-native tools like Nozomi, Claroty, or Dragos
* Ideally GICSP, GRID, or similar, combined with a background in regulated CNI environments
* A desire to move beyond a purely technical role and into a position where you define how a service is brought to market