Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct hands-on OT cyber risk assessments and manage operational risks.
- Company: Join a leading organisation delivering Critical National Infrastructure services.
- Benefits: Hybrid work model, competitive pay, and opportunities for professional growth.
- Why this job: Make a real impact on cyber resilience in a dynamic environment.
- Qualifications: 3-5 years in cyber security risk with knowledge of OT/ICS environments.
- Other info: Collaborate with diverse teams and enhance your skills in a supportive setting.
The predicted salary is between 36000 - 60000 £ per year.
We are working with a large, regulated organisation delivering Critical National Infrastructure (CNI) services. Operating across complex IT and OT environments, the organisation places strong emphasis on cyber resilience, regulatory compliance, and effective OT risk management.
They are seeking an OT Risk Analyst to support their Governance, Risk & Compliance (GRC) function. This is a hands-on delivery role focused on identifying, assessing, and managing OT cyber risks across operational environments, ensuring risks are understood, proportionately treated, and accurately reported.
The role reports into the Information Security Manager and works closely with OT engineering, IT security teams, risk owners, and third-party suppliers to ensure operational cyber risks are visible, controlled, and aligned to business and safety priorities.
What you’ll be doing:
- Deliver qualitative and quantitative OT cyber risk assessments using recognised risk management approaches.
- Identify, assess, document, and monitor OT and ICS security risks across enterprise and operational environments.
- Maintain accurate and up-to-date risk registers, including risk treatment plans, control profiles, and supporting evidence.
- Work with OT stakeholders (engineering, operations, maintenance) to understand asset criticality, safety impacts, and operational constraints.
- Support the wider GRC function by gathering OT risk-related data and contributing to mitigation planning, reporting, and governance forums.
- Support supply chain and third-party OT cyber risk assessments, working with assurance teams to assess vendor connectivity, remote access, and managed service risks.
- Contribute to the development of OT risk quantification capability, translating technical risk into business impact (including safety, availability, regulatory exposure, and financial outcomes).
- Support compliance with internal controls and external regulatory and legislative requirements (including those relevant to CNI and OT environments).
What you’ll bring:
- 3–5 years’ experience in cyber / information security risk, with demonstrable exposure to OT/ICS environments.
- Strong understanding of risk frameworks such as ISO 27005, OCTAVE, FAIR/FAST.
- Exposure to OT and regulatory standards/frameworks such as IEC 62443, NIS / CAF (or NIS-D CAF), NIST Cybersecurity Framework & ISO 27001.
- Hands-on experience conducting risk assessments and supporting ongoing risk management (registers, treatments, reporting).
- Strong stakeholder skills, able to engage technical and non-technical teams across IT, OT, and the wider business.
IT/OT Risk Contractor in England employer: Bestman Solutions
Contact Detail:
Bestman Solutions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT/OT Risk Contractor in England
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend relevant meetups or webinars, and don’t be shy about asking for informational interviews. The more connections you make, the better your chances of landing that OT Risk Analyst gig.
✨Tip Number 2
Show off your skills! Prepare a portfolio or case studies that highlight your experience with risk assessments and management in OT environments. This will give potential employers a clear picture of what you can bring to the table.
✨Tip Number 3
Tailor your approach! When you’re applying, make sure to align your experiences with the specific requirements of the job. Use the same language as the job description to show you’re a perfect fit for their needs.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of resources to help you prepare for interviews and connect with the right people. Plus, it shows you’re genuinely interested in joining our team!
We think you need these skills to ace IT/OT Risk Contractor in England
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the job description. Highlight your experience in cyber and information security risk, especially in OT/ICS environments. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for the OT Risk Analyst role. Share specific examples of your past work that relate to the responsibilities mentioned in the job description.
Showcase Your Technical Knowledge: We’re keen on seeing your understanding of risk frameworks like ISO 27005 and NIST Cybersecurity Framework. Make sure to mention any relevant certifications or training you've completed that demonstrate your expertise in these areas.
Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it makes the whole process smoother for everyone involved.
How to prepare for a job interview at Bestman Solutions
✨Know Your Risk Frameworks
Make sure you brush up on key risk frameworks like ISO 27005 and NIST Cybersecurity Framework. Be ready to discuss how you've applied these in past roles, especially in OT/ICS environments. This shows you’re not just familiar with the theory but can also put it into practice.
✨Showcase Your Stakeholder Skills
Prepare examples of how you've engaged with both technical and non-technical teams. Highlight your ability to communicate complex risk concepts clearly. This is crucial for the role, as you'll need to work closely with various stakeholders across IT and OT.
✨Demonstrate Hands-On Experience
Be ready to talk about your hands-on experience with risk assessments and management. Discuss specific projects where you maintained risk registers or developed treatment plans. Concrete examples will help illustrate your capability in this area.
✨Understand the Business Impact
Familiarise yourself with how OT risks translate into business impacts, including safety and financial outcomes. Prepare to discuss how you've quantified risks in previous roles and contributed to mitigation planning. This will show that you understand the bigger picture beyond just technical details.
