At a Glance
- Tasks: Independently assess and manage OT cyber risks in a dynamic environment.
- Company: Join a leading organisation delivering critical national infrastructure services.
- Benefits: Hybrid work model, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact on safety and regulatory compliance in operational technology.
- Qualifications: 3-5+ years in cyber risk with hands-on experience in OT environments.
- Other info: Engage directly with stakeholders and enhance your risk management skills.
The predicted salary is between £36,000 and £60,000 per year.
We are supporting a large, highly regulated organisation delivering Critical National Infrastructure services. The environment spans complex IT and OT estates, where cyber risk directly intersects with safety, availability, and regulatory obligations.
They are seeking an OT Risk Specialist to strengthen their Governance, Risk & Compliance capability. This is a hands-on, delivery-focused role for a risk specialist who can independently identify, assess, articulate, and drive the management of OT cyber risk across live operational environments.
This role is not about frameworks for the sake of frameworks. It is about practical risk ownership, clear judgement, and credible challenge. You will be trusted to operate with minimal hand-holding, working directly with engineers, risk owners, and leadership to ensure OT risks are properly understood and proportionately treated.
What you’ll be doing:
- Independently deliver qualitative and quantitative OT cyber risk assessments, using recognised risk methodologies and sound professional judgement.
- Identify, assess, document, and actively manage OT and ICS cyber risks across operational and enterprise environments.
- Own and maintain OT risk registers end-to-end, including risk statements, treatments, control profiles, and supporting evidence.
- Engage directly with OT stakeholders (engineering, operations, maintenance) to understand asset criticality, safety implications, and operational constraints without disrupting live services.
- Translate technical OT risk into clear business impact, covering safety, availability, regulatory exposure, and financial risk.
- Support supply chain and third-party OT cyber risk assessments, including remote access, managed service providers, and vendor connectivity.
- Provide credible input into governance forums, reporting, and assurance activities, representing OT risk with authority and clarity.
- Contribute to the ongoing maturity of OT risk and risk quantification practices, improving consistency and decision-making.
- Support compliance with internal controls and external regulatory and legislative obligations relevant to CNI and OT environments.
What you’ll bring:
- ~3–5+ years’ experience in cyber or information security risk, with practical exposure to OT / ICS environments.
- Proven experience delivering risk assessments independently, from scoping through to treatment and reporting.
- Strong working knowledge of risk frameworks such as ISO 27005, OCTAVE, FAIR / FAST, with the ability to apply them pragmatically.
- Exposure to OT and regulatory standards including IEC 62443, NIS / CAF (or NIS-D CAF), NIST CSF, ISO 27001.
- Confidence engaging and challenging senior technical and operational stakeholders without escalation or supervision.
- A delivery mindset: comfortable making decisions, documenting risk clearly, and moving work forward without hand-holding.
Senior Risk Management Specialist in London, employer: Bestman Solutions
Contact Detail:
Bestman Solutions Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Risk Management Specialist in London
✨Tip Number 1
Network like a pro! Reach out to professionals in the OT and cyber risk space on LinkedIn. Join relevant groups, participate in discussions, and don’t be shy about asking for informational interviews. We all know that sometimes it’s not just what you know, but who you know!
✨Tip Number 2
Prepare for those interviews by practising your responses to common risk management scenarios. Think about how you would handle specific OT risks and articulate your thought process clearly. We want you to showcase your practical judgement and delivery mindset!
✨Tip Number 3
When you get the chance to meet with potential employers, make sure to ask insightful questions about their current risk management practices. This shows you’re genuinely interested and helps you understand how you can contribute. Remember, we’re looking for that credible challenge!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets the attention it deserves. Plus, we love seeing candidates who are proactive and engaged in the process. Let’s get you that Senior Risk Management Specialist role!
Some tips for your application 🫡
Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience in OT and ICS environments. We want to see how your skills align with the specific requirements of the Senior Risk Management Specialist role.
Showcase Your Experience: Don’t just list your past roles; explain how you’ve independently delivered risk assessments and managed cyber risks. We’re looking for concrete examples that demonstrate your hands-on experience and decision-making abilities.
Be Clear and Concise: When writing your application, keep it straightforward. Use clear language to articulate your understanding of risk management and its impact on safety and compliance. We appreciate a well-structured application that gets straight to the point.
Apply Through Our Website: We encourage you to submit your application through our website. It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, it shows you’re keen to join our team!
How to prepare for a job interview at Bestman Solutions
✨Know Your Risk Methodologies
Make sure you brush up on recognised risk methodologies like ISO 27005 and OCTAVE. Be ready to discuss how you've applied these frameworks in practical scenarios, especially in OT environments. This shows you can translate theory into real-world applications.
✨Engage with Stakeholders
Prepare to talk about your experience engaging with various stakeholders, from engineers to leadership. Think of examples where you’ve successfully communicated technical risks in a way that resonates with non-technical audiences. This will demonstrate your ability to bridge the gap between technical and business perspectives.
✨Showcase Your Delivery Mindset
Highlight instances where you’ve taken ownership of risk assessments from start to finish. Discuss how you’ve made decisions independently and moved projects forward without needing constant guidance. This aligns perfectly with the hands-on nature of the role.
✨Understand the Regulatory Landscape
Familiarise yourself with relevant regulatory standards like IEC 62443 and NIST CSF. Be prepared to discuss how compliance impacts risk management in OT environments. Showing that you understand the regulatory obligations will set you apart as a knowledgeable candidate.