Cyber Resilience Testing Lead in Reading

Reading, Full-Time, £68,000 - £78,000 / year (est.), No working from home possible

At a Glance

  • Tasks: Lead cyber resilience testing and vulnerability management for IT and OT environments.
  • Company: Join Thames Water's dynamic Information Security team.
  • Benefits: Competitive salary, generous leave, pension scheme, and wellness benefits.
  • Other info: Hybrid working model with excellent career growth opportunities.
  • Why this job: Make a real impact on cybersecurity while developing your skills in a supportive environment.
  • Qualifications: Experience in cybersecurity and vulnerability management is essential.

The predicted salary is between £68,000 and £78,000 per year.

As a Cyber Resilience Testing Lead, you will play a key role within the Information Security team at Thames Water, supporting the Head of Cyber Resilience in delivering technical cyber resilience testing and vulnerability management activities across both IT and OT environments. Working closely with cybersecurity leadership, service owners, and technical teams, you will help ensure vulnerabilities are effectively identified, assessed, remediated, and evidenced across the organisation. This role contributes to Thames Water’s cyber resilience programme by providing technical assurance of defensive capabilities, supporting resilience testing initiatives, and ensuring vulnerability management processes are robust and effective. You will collaborate with stakeholders across the business to ensure testing and remediation activities are executed efficiently while maintaining high standards of documentation, reporting, and governance.

Security Clearance: CTC (Counter Terrorist Check) clearance is essential. You must currently hold or be able to attain CTC clearance for this role.

What you’ll be doing:

  • Lead the technical validation of vulnerabilities, including severity assessment, exploitability analysis, and business impact evaluation across IT and OT environments.
  • Perform advanced triage of vulnerabilities using industry-standard methodologies such as CVSS.
  • Act as the technical escalation point for complex or disputed remediation plans, advising on compensating controls and risk acceptance.
  • Maintain and update the central vulnerability register, ensuring accurate tracking from identification through to remediation.
  • Assign ownership of vulnerabilities and track remediation progress to completion.
  • Collect and validate remediation evidence, ensuring audit-ready documentation.
  • Prepare reports and dashboards to support oversight by Cyber Resilience leadership.
  • Design and maintain the annual penetration testing and red/purple team testing schedule.
  • Review and validate testing outputs, including exploit paths and findings, ensuring technical accuracy.
  • Translate testing findings into actionable remediation plans in collaboration with SOC, architecture, engineering, and OT teams.
  • Support the coordination of penetration testing, red/purple teaming, and cyber stress testing activities.
  • Provide subject matter expertise during cyber incidents, supporting technical investigation and response.
  • Maintain readiness for regulatory compliance, ensuring testing and vulnerability evidence meets audit requirements.
  • Support broader cyber resilience initiatives through operational and administrative activities.
  • Maintain accurate records and contribute to reporting and regulatory submissions.

Base location: Hybrid – Clearwater Court, Reading. Working pattern: 36 hours Monday to Friday.

What you should bring to the role:

  • Experience in cybersecurity, vulnerability management, or related technical security roles.
  • Strong understanding of offensive security methodologies, including MITRE ATT&CK.
  • Ability to analyse penetration testing reports in depth and translate findings into control improvements.
  • Experience tracking vulnerability remediation and coordinating with stakeholders to ensure timely resolution.
  • Experience working within critical infrastructure, utilities, or public sector environments.
  • Strong organisational skills with the ability to manage multiple priorities and maintain accurate records.
  • Excellent communication and interpersonal skills to engage technical and non-technical stakeholders.
  • Ability to build strong working relationships and operate as a self-starter.

Technical experience and skills:

  • Familiarity with vulnerability management tools such as ServiceNow, Tenable, or similar platforms.
  • Knowledge of cybersecurity frameworks and standards such as ISO 27001, NIST, and CIS Controls.
  • Proficiency in reporting and data analysis tools such as Excel, Power BI, or equivalent.
  • Ability to validate vulnerabilities, interpret testing results, and support remediation planning.

Desirable qualifications and experience:

  • Broader knowledge and experience within cybersecurity or information security.
  • Experience with ICT/OT security testing, including PLCs, HMIs, and industrial protocols such as Modbus, DNP3, and OPC-UA.
  • Experience producing technical dashboards reflecting vulnerability management and resilience maturity.
  • Experience working with vendors or delivery partners on testing or remediation activities.
  • Experience supporting penetration testing, red/purple teaming, or cyber stress testing programmes.
  • Experience supporting regulatory compliance aligned to industry standards (e.g., SEMD, CAF).

Desirable technical skills and qualifications:

  • Bachelor’s degree in Computer Science, IT, Cyber Security, or a related field (or equivalent experience).
  • Professional certifications such as CompTIA Security+, CySA+, or similar (CISSP/CISM desirable but not essential).

What’s in it for you?

  • Competitive salary between £68,000 and £78,000 per annum, depending on experience.
  • Annual leave – 26 days holiday per year, increasing to 30 with length of service (plus bank holidays).
  • Generous Pension Scheme through AON.
  • Performance-related pay plan directly linked to company performance measures and targets.
  • Access to lots of benefits to help you take care of your and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers, and life assurance.

Cyber Resilience Testing Lead in Reading employer: Cyber UK

Thames Water is an exceptional employer, offering a dynamic work environment that prioritises employee growth and well-being. As a Cyber Resilience Testing Lead, you will benefit from a competitive salary, generous annual leave, and a robust pension scheme, all while contributing to critical cyber resilience initiatives in a supportive and collaborative culture. With opportunities for professional development and a focus on maintaining high standards of security, Thames Water is committed to fostering a rewarding career path for its employees.

Contact Details:

Cyber UK Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Cyber Resilience Testing Lead in Reading

Tip Number 1

Network like a pro! Reach out to folks in the cybersecurity field, especially those at Thames Water. Use LinkedIn or industry events to connect and chat about your passion for cyber resilience. You never know who might have the inside scoop on job openings!

Tip Number 2

Prepare for interviews by brushing up on your technical skills. Be ready to discuss vulnerability management and offensive security methodologies. Practise explaining complex concepts in simple terms – it shows you can communicate with both techies and non-techies!

Tip Number 3

Showcase your experience with real-world examples. When discussing your past roles, highlight specific projects where you led vulnerability assessments or collaborated with teams on remediation plans. This will demonstrate your hands-on expertise and problem-solving skills.

Tip Number 4

Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you’re genuinely interested in joining the team at Thames Water. Let’s get you that Cyber Resilience Testing Lead role!

We think you need these skills to ace Cyber Resilience Testing Lead in Reading

Cybersecurity
Vulnerability Management
Technical Assurance
Penetration Testing
Red/Purple Team Testing
Exploitability Analysis
Risk Assessment

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Cyber Resilience Testing Lead role. Highlight your experience in cybersecurity and vulnerability management, and don’t forget to mention any relevant tools or methodologies you’ve used.

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention specific experiences that align with the job description and show your enthusiasm for working with Thames Water.

Showcase Your Technical Skills: In your application, be sure to showcase your technical skills and experience with vulnerability management tools. Mention any certifications you hold and how they relate to the responsibilities of the role.

Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It’s the best way to ensure your application gets the attention it deserves!

How to prepare for a job interview at Cyber UK

Know Your Cybersecurity Stuff

Make sure you brush up on your knowledge of offensive security methodologies, especially MITRE ATT&CK. Be ready to discuss how you've applied these in past roles, particularly in vulnerability management and remediation.

Showcase Your Communication Skills

As a Cyber Resilience Testing Lead, you'll need to engage with both technical and non-technical stakeholders. Prepare examples of how you've successfully communicated complex technical information in an understandable way.

Demonstrate Your Organisational Skills

Be prepared to talk about how you manage multiple priorities and keep accurate records. Share specific instances where your organisational skills led to successful outcomes in vulnerability tracking or remediation efforts.

Familiarise Yourself with Tools and Frameworks

Get comfortable with the tools mentioned in the job description, like ServiceNow and Tenable. Also, be ready to discuss cybersecurity frameworks such as ISO 27001 and NIST, and how you've used them in your previous roles.