Experience & Skills: Must have: 10 years in cyber resilience / cyber programme delivery / operating model change in large, regulated enterprises (CNI preferred: water, energy, utilities, transport, healthcare). Exceptional communication: storytelling, exec decks, clear visuals, concise decision papers. Highly organised, proactive, outcome driven; adept at prioritisation and evidence-based reporting. Proven bridge role experience between suppliers/consultancies and internal Product Owner/Execs. Hands on with operating model design/embedding, governance set up, and stakeholder management at CIO/CISO/SLT level. Strong knowledge of NIS Regulations, NCSC CAF, ISO/IEC 27001, and BCM/IR practices; familiarity with SEMD and sector guidance. Demonstrable experience delivering table top exercises, scenario design, and recovery validation. Familiarity with IT/OT environments and systems (e.g., SCADA, SAP ECC, core ERP/CRM). Comfort with CMDB/ServiceNow, dependency mapping, and recovery sequencing concepts. Mandatory Skills: OT / IOT Security Operations (SecOps). Role purpose: To act as the senior bridge between the Product Owner and Thames Cyber Resilience 3rd party delivery partner to drive the formalisation, socialisation, and embedding of Thames Waters Digital Resilience Strategy and Digital Resilience Target Operating Model (DRTOM). The Cyber resilience engagement lead will shape and deliver the stakeholder engagement strategy, translate supplier outputs into clear, executive ready insights, and orchestrate the governance integration and operating rhythm that enables measurable improvements to Thames Waters digital resilience posture. Key Responsibilities: Strategy & TOM Enablement Governance Integration & Operating Rhythm Digital Resilience Op-Model Factory (DROF) Stakeholder Engagement & Comms Regulatory Alignment & Reporting MVB ? Bizzdesign Integration Support