Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct OT cyber risk assessments and manage risks across operational environments.
- Company: Join a leading organisation delivering Critical National Infrastructure services.
- Benefits: Hybrid work model, competitive pay, and opportunities for professional growth.
- Why this job: Make a real impact on cyber resilience in a dynamic and critical sector.
- Qualifications: 3-5 years in cyber security risk with knowledge of OT/ICS environments.
- Other info: Collaborate with diverse teams and enhance your skills in a supportive environment.
The predicted salary is between 36000 - 60000 £ per year.
We are working with a large, regulated organisation delivering Critical National Infrastructure (CNI) services. Operating across complex IT and OT environments, the organisation places strong emphasis on cyber resilience, regulatory compliance, and effective OT risk management.
They are seeking an OT Risk Analyst to support their Governance, Risk & Compliance (GRC) function. This is a hands-on delivery role focused on identifying, assessing, and managing OT cyber risks across operational environments, ensuring risks are understood, proportionately treated, and accurately reported.
The role reports into the Information Security Manager and works closely with OT engineering, IT security teams, risk owners, and third-party suppliers to ensure operational cyber risks are visible, controlled, and aligned to business and safety priorities.
What you’ll be doing:
- Deliver qualitative and quantitative OT cyber risk assessments using recognised risk management approaches.
- Identify, assess, document, and monitor OT and ICS security risks across enterprise and operational environments.
- Maintain accurate and up-to-date risk registers, including risk treatment plans, control profiles, and supporting evidence.
- Work with OT stakeholders (engineering, operations, maintenance) to understand asset criticality, safety impacts, and operational constraints.
- Support the wider GRC function by gathering OT risk-related data and contributing to mitigation planning, reporting, and governance forums.
- Support supply chain and third-party OT cyber risk assessments, working with assurance teams to assess vendor connectivity, remote access, and managed service risks.
- Contribute to the development of OT risk quantification capability, translating technical risk into business impact (including safety, availability, regulatory exposure, and financial outcomes).
- Support compliance with internal controls and external regulatory and legislative requirements (including those relevant to CNI and OT environments).
What you’ll bring:
- 3–5 years’ experience in cyber / information security risk, with demonstrable exposure to OT/ICS environments.
- Strong understanding of risk frameworks such as ISO 27005, OCTAVE, FAIR/FAST.
- Exposure to OT and regulatory standards/frameworks such as IEC 62443, NIS / CAF (or NIS-D CAF), NIST Cybersecurity Framework & ISO 27001.
- Hands-on experience conducting risk assessments and supporting ongoing risk management (registers, treatments, reporting).
- Strong stakeholder skills, able to engage technical and non-technical teams across IT, OT, and the wider business.
IT/OT Risk Contractor in London employer: Bestman Solutions
Contact Detail:
Bestman Solutions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land IT/OT Risk Contractor in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend relevant meetups or webinars, and don’t be shy about connecting on LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream role.
✨Tip Number 2
Prepare for those interviews by brushing up on your knowledge of OT risk management and cyber resilience. We recommend doing mock interviews with friends or using online platforms to get comfortable talking about your experience and how it relates to the job.
✨Tip Number 3
Showcase your skills through real-world examples. When discussing your experience, focus on specific projects where you’ve identified and managed OT cyber risks. We want to see how you’ve made an impact in previous roles!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive and engaged in their job search.
We think you need these skills to ace IT/OT Risk Contractor in London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the job description. Highlight your experience in cyber and information security risk, especially in OT/ICS environments. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about OT risk management and how your background makes you a perfect fit for our team. Keep it engaging and relevant to the role.
Showcase Relevant Experience: When detailing your experience, focus on specific projects or roles where you've conducted risk assessments or managed cyber risks. We love seeing concrete examples of how you've made an impact in previous positions.
Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Bestman Solutions
✨Know Your Risk Frameworks
Make sure you brush up on key risk frameworks like ISO 27005 and IEC 62443 before the interview. Being able to discuss these frameworks confidently will show that you understand the foundations of OT risk management and can apply them in real-world scenarios.
✨Prepare for Technical Questions
Expect some technical questions about cyber risk assessments and how you’ve handled them in the past. Be ready to share specific examples from your experience, especially those that highlight your hands-on skills in managing OT/ICS environments.
✨Engage with Stakeholders
Since this role involves working closely with various teams, think of ways to demonstrate your stakeholder engagement skills. Prepare examples of how you've successfully collaborated with both technical and non-technical teams to manage risks effectively.
✨Show Your Compliance Knowledge
Familiarise yourself with relevant regulatory standards and compliance requirements. Be prepared to discuss how you’ve ensured compliance in previous roles, as this will be crucial for the organisation's governance, risk, and compliance function.
