At a Glance
- Tasks: Conduct hands-on OT cyber risk assessments and manage risks across operational environments.
- Company: Join a leading organisation delivering critical national infrastructure services.
- Benefits: Hybrid work model, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact on safety and compliance in a dynamic tech environment.
- Qualifications: 3-5+ years in cyber security risk with experience in OT/ICS environments.
- Other info: Engage directly with engineers and leadership to drive risk management.
The predicted salary is between £36,000 and £60,000 per year.
We are supporting a large, highly regulated organisation delivering Critical National Infrastructure services. The environment spans complex IT and OT estates, where cyber risk directly intersects with safety, availability, and regulatory obligations. They are seeking an OT Risk Specialist to strengthen their Governance, Risk & Compliance capability. This is a hands-on, delivery-focused role for a risk specialist who can independently identify, assess, articulate, and drive the management of OT cyber risk across live operational environments.
This role is not about frameworks for the sake of frameworks. It is about practical risk ownership, clear judgement, and credible challenge. You will be trusted to operate with minimal hand-holding, working directly with engineers, risk owners, and leadership to ensure OT risks are properly understood and proportionately treated.
What you’ll be doing:
- Independently deliver qualitative and quantitative OT cyber risk assessments, using recognised risk methodologies and sound professional judgement.
- Identify, assess, document, and actively manage OT and ICS cyber risks across operational and enterprise environments.
- Own and maintain OT risk registers end-to-end, including risk statements, treatments, control profiles, and supporting evidence.
- Engage directly with OT stakeholders (engineering, operations, maintenance) to understand asset criticality, safety implications, and operational constraints without disrupting live services.
- Translate technical OT risk into clear business impact, covering safety, availability, regulatory exposure, and financial risk.
- Support supply chain and third-party OT cyber risk assessments, including remote access, managed service providers, and vendor connectivity.
- Provide credible input into governance forums, reporting, and assurance activities, representing OT risk with authority and clarity.
- Contribute to the ongoing maturity of OT risk and risk quantification practices, improving consistency and decision-making.
- Support compliance with internal controls and external regulatory and legislative obligations relevant to CNI and OT environments.
What you’ll bring:
- 3–5+ years’ experience in cyber or information security risk, with practical exposure to OT / ICS environments.
- Proven experience delivering risk assessments independently, from scoping through to treatment and reporting.
- Strong working knowledge of risk frameworks such as ISO 27005, OCTAVE, FAIR / FAST, with the ability to apply them pragmatically.
- Exposure to OT and regulatory standards including IEC 62443, NIS / CAF (or NIS-D CAF), NIST CSF, ISO 27001.
- Confidence engaging and challenging senior technical and operational stakeholders without escalation or supervision.
- A delivery mindset: comfortable making decisions, documenting risk clearly, and moving work forward without hand-holding.
Risk Management Specialist in City of London employer: Bestman Solutions
Contact Detail:
Bestman Solutions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Risk Management Specialist role in City of London
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the industry. Attend events, webinars, or even local meetups. The more people you know, the better your chances of landing that Risk Management Specialist gig.
✨Tip Number 2
Show off your skills! Create a portfolio or case studies showcasing your past risk assessments and how you've tackled OT cyber risks. This will give potential employers a clear picture of what you can bring to the table.
✨Tip Number 3
Don’t just apply – engage! When you find a role that excites you, reach out to the hiring manager or team members on LinkedIn. Ask questions about the role and express your enthusiasm. It shows initiative and can set you apart from other candidates.
✨Tip Number 4
Keep it real during interviews. Be prepared to discuss how you’ve independently managed OT risks and made decisions without hand-holding. Use specific examples to demonstrate your delivery mindset and ability to challenge stakeholders confidently.
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in cyber risk, especially in OT/ICS environments. We want to see how your skills align with the specific requirements of the Risk Management Specialist role.
Showcase Your Experience: Don’t just list your previous roles; explain how you’ve independently delivered risk assessments and managed OT risks. Use concrete examples that demonstrate your hands-on experience and decision-making abilities.
Be Clear and Concise: When writing your application, keep it straightforward. We appreciate clarity, so avoid jargon and focus on articulating your points effectively. Remember, we’re looking for credible communication that translates technical risk into business impact.
Apply Through Our Website: We encourage you to submit your application directly through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it makes the process smoother for everyone involved!
How to prepare for a job interview at Bestman Solutions
✨Know Your Risk Frameworks
Make sure you brush up on your knowledge of risk frameworks like ISO 27005 and IEC 62443. Be ready to discuss how you've applied these frameworks in real-world scenarios, as this will show your practical understanding and ability to use them effectively.
✨Demonstrate Practical Experience
Prepare to share specific examples from your past roles where you've independently delivered risk assessments. Highlight your hands-on experience with OT/ICS environments and how you've managed risks without needing constant supervision.
✨Engage with Stakeholders
Think about how you can effectively communicate technical risks to non-technical stakeholders. Practice translating complex OT risks into clear business impacts, focusing on safety, availability, and regulatory implications, as this will be crucial in the role.
✨Show Your Delivery Mindset
Be ready to discuss situations where you've made decisions and moved projects forward independently. Emphasise your ability to document risks clearly and your comfort in challenging senior stakeholders, as this aligns perfectly with what they’re looking for.