The OT Incident Responder supports the delivery of incident response services to Bridewell’s CNI clients. This role focuses on hands‑on investigation, containment, and recovery activities in industrial environments, working under the guidance of senior responders and incident leads.
This role is suited to responders building depth in OT incident response, with strong technical foundations and a desire to develop specialist OT and ICS expertise.
* Support the investigation and response to security incidents across client environments, following established playbooks and procedures.
* Perform triage, analysis, and validation of security alerts escalated from SOC monitoring.
* Assist with containment and remediation activities, ensuring actions account for operational safety and availability.
* Contribute to the preparation and maintenance of OT‑specific incident response documentation, playbooks, and procedures.
* Support senior responders during live IT and OT incidents, including evidence collection, analysis, and reporting.
* Assist customers with post‑incident activities, including lessons learned and recovery planning.
* Support SOC teams, acting as an escalation point.
* Participate in an incident response on‑call rotation as required.
* Develop personal capability in OT technologies, industrial protocols, and sector‑specific threats through training and hands‑on experience.
You will need to have:
* Experience or strong exposure to industrial control systems (ICS), SCADA, or OT environments.
* Familiarity with common OT protocols such as Modbus, DNP3, and OPC.
* Understanding of core incident response principles across detection, containment, and recovery phases.
* Experience supporting investigations within regulated or safety‑critical environments.
* Familiarity with OT security tools such as Nozomi, Forescout, or Claroty is desirable.
* Awareness of frameworks such as IEC 62443, NIST CSF, NIS Regulations, and the Purdue Model.
* Clear written and verbal communication skills, particularly for documenting technical findings.
* Relevant certifications (held or being worked towards), such as GRID or GICSP, are desirable.
This position requires travel to client locations, up to 50% of working time, with expenses. The role will require on‑call responsibilities as part of the OT incident response rotation.
Why Join Us?
* Competitive Salary
* 25 Days Holiday - Plus buy and sell options
* Flexible Working (around core office hours)
* Company Pension
* Employee Shareholder Scheme
* Dedicated Training Budget
* Life Assurance
* Cycle to Work Scheme
* Electric Vehicle Scheme
* Private Healthcare (incl. Gym discounts)
* Vision Care
* Birthday off (After 1 year)
Bridewell values diversity in the workplace and is a fair and equal opportunity employer. We are committed to creating an equal and inclusive working environment, with the aim that our employees will be truly representative of all sections of society and each person feels respected and able to give their best.