Location: GBR Cheltenham Jessop House
Department: Cyber Services and Capabilities
Managing Consultant, Critical National Infrastructure
Location: Hybrid with regular travel to client and operational sites across the UK, sometimes at short notice.
Role Purpose
Operators of essential services face a rapidly evolving threat landscape, especially as IT and OT environments continue to converge and regulatory expectations rise. NCC Group’s Consulting & Implementation practice helps organisations strengthen cyber resilience by assessing risk, improving controls, implementing secure architectures, and preparing for regulatory oversight. Our OT capability covers IC4, SCADA, and industrial networks, with services including threat modelling, attack‑surface mapping, embedded and firmware review, and security architecture design.
Key Responsibilities
As a CNI Managing Consultant, you will help organisations navigate frameworks such as the Cyber Assessment Framework (CAF), NIS and NIS2, translating them into proportionate, actionable improvement plans. Your work directly strengthens the resilience of the UK’s critical sectors, which continue to face enduring and significant threat activity.
You will lead client engagements across the full consulting lifecycle from discovery and assessment through roadmap and implementation. The role includes shaping and delivering work in OT and CNI environments, preparing clients for regulator inspections, and providing clear recommendations that support safety, availability, and operational uptime.
Over the next 12–24 months, you will deliver measurable improvements in client resilience, maturity, and regulatory readiness. You may also integrate NCC Group’s wider capabilities, such as our Microsoft‑verified MXDR service for continuous monitoring and response.
Skills, Knowledge and Expertise
* Apply structured, evidence‑led assessment methods to identify risks and provide proportionate, achievable improvements
* Communicate clearly with engineering, operations, IT and leadership stakeholders, ensuring complex issues are presented in a way that informs decisions
* Lead delivery teams, ensure high‑quality outputs, and maintain strong relationships built on trust and clarity
* Navigate OT environments confidently, bringing practical understanding of IC4, SCADA, industrial networks, and the operational realities around safety and uptime
* Work effectively with regulatory frameworks such as NIS, NIS2, and the NCSC CAF
* Understand how to prepare organisations for regulatory oversight, including evidence‑packs and roadmap development
* Draw on wider capability where useful, including incident readiness and IT/OT convergence retainers delivered jointly with Dragos
* Hold SC clearance (or above)
Qualifications and certifications are helpful but not mandatory: GICSP, ISA/IEC 62443 certificates, CISSP, CISM, CSSA.
Benefits
* Flexible Working: Balance your work and personal life with our flexible working options
* Enhanced Holiday Allowance: 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave
* Medicash & Critical Illness Scheme
* Financial & Investment Benefits: Pension, Life Assurance, and Share Save Scheme
* Community & Volunteering Programmes: Opportunities to make a difference in your community
* Green Car Scheme: Eco‑friendly car scheme
* Cycle Scheme: Cycle‑to‑work scheme
* Special Time Off: Time off for major life events such as marriage, civil partnership, becoming a grandparent, or welcoming a new pet
* Family Planning: Maternity and paternity leave, and support for fertility treatments
This role involves mandatory pre‑employment background checks due to the nature of the work NCC Group does. You must be willing and able to undergo the vetting process.
We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
#J-18808-Ljbffr