Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Conduct hands-on OT cyber risk assessments and manage risks across operational environments.
- Company: Join a leading organisation delivering critical national infrastructure services.
- Benefits: Hybrid work model, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact on safety and compliance in a dynamic tech environment.
- Qualifications: 3-5 years in cyber risk with experience in OT/ICS environments required.
- Other info: Engage directly with engineers and leadership to drive risk management.
The predicted salary is between 36000 - 60000 £ per year.
We are supporting a large, highly regulated organisation delivering Critical National Infrastructure services. The environment spans complex IT and OT estates, where cyber risk directly intersects with safety, availability, and regulatory obligations.
They are seeking an OT Risk Specialist to strengthen their Governance, Risk & Compliance capability. This is a hands-on, delivery-focused role for a risk specialist who can independently identify, assess, articulate, and drive the management of OT cyber risk across live operational environments.
This role is not about frameworks for the sake of frameworks. It is about practical risk ownership, clear judgement, and credible challenge. You will be trusted to operate with minimal hand-holding, working directly with engineers, risk owners, and leadership to ensure OT risks are properly understood and proportionately treated.
What you’ll be doing:
- Independently deliver qualitative and quantitative OT cyber risk assessments, using recognised risk methodologies and sound professional judgement.
- Identify, assess, document, and actively manage OT and ICS cyber risks across operational and enterprise environments.
- Own and maintain OT risk registers end-to-end, including risk statements, treatments, control profiles, and supporting evidence.
- Engage directly with OT stakeholders (engineering, operations, maintenance) to understand asset criticality, safety implications, and operational constraints without disrupting live services.
- Translate technical OT risk into clear business impact, covering safety, availability, regulatory exposure, and financial risk.
- Support supply chain and third-party OT cyber risk assessments, including remote access, managed service providers, and vendor connectivity.
- Provide credible input into governance forums, reporting, and assurance activities, representing OT risk with authority and clarity.
- Contribute to the ongoing maturity of OT risk and risk quantification practices, improving consistency and decision-making.
- Support compliance with internal controls and external regulatory and legislative obligations relevant to CNI and OT environments.
What you’ll bring:
- 3–5+ years’ experience in cyber or information security risk, with practical exposure to OT / ICS environments.
- Proven experience delivering risk assessments independently, from scoping through to treatment and reporting.
- Strong working knowledge of risk frameworks such as ISO 27005, OCTAVE, FAIR / FAST, with the ability to apply them pragmatically.
- Exposure to OT and regulatory standards including IEC 62443, NIS / CAF (or NIS-D CAF), NIST CSF, ISO 27001.
- Confidence engaging and challenging senior technical and operational stakeholders without escalation or supervision.
- A delivery mindset: comfortable making decisions, documenting risk clearly, and moving work forward without hand-holding.
Risk Management Specialist in London employer: Bestman Solutions
Contact Detail:
Bestman Solutions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Risk Management Specialist in London
✨Tip Number 1
Network like a pro! Reach out to professionals in the risk management field on LinkedIn or at industry events. We can’t stress enough how important it is to make connections that could lead to job opportunities.
✨Tip Number 2
Prepare for interviews by practising common questions related to OT cyber risk. We recommend using the STAR method (Situation, Task, Action, Result) to structure your answers. This will help you showcase your experience effectively!
✨Tip Number 3
Showcase your expertise! Create a portfolio or a personal website where you can share case studies of your previous risk assessments and projects. This gives potential employers a tangible sense of your skills and experience.
✨Tip Number 4
Don’t forget to apply through our website! We’ve got loads of opportunities waiting for you, and applying directly can sometimes give you an edge. Plus, it’s super easy to keep track of your applications!
We think you need these skills to ace Risk Management Specialist in London
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter for the Risk Management Specialist role. Highlight your experience in cyber or information security risk, especially in OT/ICS environments, and show how your skills align with what we’re looking for.
Showcase Your Experience: Don’t just list your previous jobs; explain how your past roles have prepared you for this position. Talk about specific projects where you delivered risk assessments or engaged with stakeholders, as this will demonstrate your hands-on experience.
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language to articulate your understanding of OT risks and how you’ve managed them. We appreciate a no-nonsense approach that gets straight to the point!
Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Bestman Solutions
✨Know Your Risk Frameworks
Make sure you brush up on your knowledge of risk frameworks like ISO 27005 and IEC 62443. Be ready to discuss how you've applied these frameworks in real-world scenarios, as this will show your practical understanding and ability to translate theory into action.
✨Demonstrate Your Delivery Mindset
Prepare examples that highlight your ability to make decisions and move projects forward independently. Share specific instances where you’ve taken ownership of a risk assessment from start to finish, showcasing your proactive approach and delivery-focused mindset.
✨Engage with Technical Stakeholders
Think about how you can effectively communicate with engineers and operational teams. Prepare to discuss how you've previously engaged with technical stakeholders to understand their concerns and how you managed to convey complex risk information in a clear and impactful way.
✨Showcase Your Problem-Solving Skills
Be ready to tackle hypothetical scenarios during the interview. Practice articulating how you would identify, assess, and manage OT cyber risks in a live operational environment, demonstrating your critical thinking and problem-solving abilities under pressure.
