Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cyber security projects to protect critical infrastructure and mentor junior consultants.
- Company: Join NCC Group, a leader in cyber assurance services with a global impact.
- Benefits: Enjoy flexible working, wellness programmes, and generous parental leave.
- Why this job: Make a real difference in securing vital systems while growing your career.
- Qualifications: Experience in cyber security and project leadership in industrial environments.
- Other info: Collaborate with innovative companies and thrive in a supportive team culture.
The predicted salary is between 43200 - 72000 £ per year.
Location: Manchester
Please note: Applications will close on Sunday, 4 January 2026. Our review process will commence on Friday, 2 January 2026. We appreciate your interest and look forward to connecting with you soon. Wishing you an enjoyable festive season.
Role Purpose
As a Principal OT Consultant in NCC Group's Global OT Consulting and Implementation (C&I) division, you will be at the forefront of protecting critical infrastructure. Your role is pivotal in providing advanced Cyber Security Assurance and Engineering to suppliers, owners, and operators, helping them safeguard essential processes and equipment. You will lead project teams, build and maintain trusted client relationships, and spearhead assessments. You will translate complex technical findings into clear, actionable roadmaps and ensure adherence to internal policies. Moreover, you will play a key role in supporting sales activities and mentoring junior consultants, contributing to our collective growth. You will also work closely with the OT Practice Director to expand our global engineering capabilities, which includes remote and on-site work in industrial environments like manufacturing, energy generation, oil & gas, and transportation systems.
Summary
NCC Group specializes in offering comprehensive, engineering-focused cyber assurance services. Our goal is to assist organizations in understanding their operating environment and technology risks, then implementing robust safeguards. Our services encompass a wide range of disciplines, including:
- Strategic & Architectural Services: Roadmaps, Architecture design and review, IT/OT convergence assessments, and digital transformation programs.
- Risk & Assessment: Threat modeling, risk assessments, gap analyses against standards like IEC 62443, and pre/post-merger & acquisition due diligence.
- Operational Security: Testing on equipment and production facilities, developing processes and guidelines for reliable and safe operations, security awareness training, and incident response planning.
- Advanced Capabilities: Managed services, DFIR (Digital Forensics and Incident Response), Penetration Testing, and Safety reviews.
This role offers a unique opportunity for experienced cyber security professionals to leverage their skills to deliver high-quality, impactful solutions and foster enduring client relationships.
What we are looking for in you
- Technical Expertise: Successfully apply cyber security engineering patterns to constrained operating environments, including industrial control systems (ICS), distributed control systems (DCS), and their integration with enterprise systems. Design and implement security controls specific to industrial environments (e.g., manufacturing, energy (DER), water, and/or transportation). Provide expert consulting services for IT/OT convergence challenges and solutions.
- Project Leadership & Execution: Lead engagements and workshops with suppliers and operators to facilitate IEC 62443 Initial Risk Assessments and prepare security cases for regulatory submission. Deliver projects that result in high-fidelity, fact-based technical reports and impactful, executive-level presentations. Perform comprehensive gap analyses against industrial and critical infrastructure standards and frameworks.
- Analytical Abilities: Understand and interpret Data Flow Diagrams (DFDs), Functional Design Specifications (FDS), Bills of Materials (BOM/SBOM), High/Low-Level Design (HLD/LLD), and network architecture diagrams. Combine threat modeling methodologies like MITRE with frameworks such as IEC 62443.
- Operational & Communication Skills: Excellent communication, consulting, and presentation skills, with exceptional written reporting abilities. Possess practical experience as a controls systems engineer or in industrial engineering, with a strong prioritization of the safety of people, equipment, and the environment. Willingness to travel to client industrial sites as necessary and support international teams remotely.
Desired Skills and Qualifications
- Relevant Certifications: Industry-recognized certifications such as CISSP, CISM, CRISC, CISA, or a recognized OT qualification like GIAC GICSP.
- Industry Experience: Have delivered OT projects within a critical infrastructure client environment.
- Consulting Proficiency: Demonstrate proficiency in working collaboratively with customers in high-value, fast-paced engagements.
- Operational Background: Possess work experience in an operational environment, with a background in Safety.
Behaviours
- Focusing on Clients and Customers.
- Working as One NCC.
- Always Learning.
- Being Inclusive and Respectful.
- Delivery Brilliantly.
- Enabling Performance.
Why Join Us?
At NCC Group, your mission is to help create a more secure digital future. You will work on high-impact projects, cutting-edge research, and real-world security challenges. We partner with some of the world’s most innovative companies and we want you to be part of that journey. You will join a global team of specialists who thrive on solving complex problems. We invest in your development and well-being, and we have built an environment where you can grow, professionally, personally, and technically. So, ready to join us?
What’s In It For You?
- Flexible working
- Pension, life assurance, share save scheme
- Generous parental leave
- Community & volunteering programmes
- Green car scheme
- Cycle to work scheme
- Wellness programmes
- Learning & development opportunities
- Employee referral bonuses
If this sounds like the right fit, we would love to hear from you. Click apply to submit your CV and cover letter. Or email us at global.ta@nccgroup.com.
Your Application: We review every application. If your profile matches, we will be in touch. If not, don’t be discouraged, we may keep your details for future roles. If you prefer we don’t, just email us to opt out. Need reasonable adjustments? Let us know at any point during the process. Note: This role requires pre-employment background checks (BS7858 screening) due to the nature of the work.
Principal Consultant in London employer: NCC Group
Contact Detail:
NCC Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Principal Consultant in London
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can land you that Principal Consultant role.
✨Tip Number 2
Prepare for interviews by researching the company and its projects. Understand their approach to cyber security assurance and be ready to discuss how your experience aligns with their needs. We want you to shine and show them why you’re the perfect fit!
✨Tip Number 3
Practice your presentation skills! As a Principal Consultant, you’ll need to communicate complex ideas clearly. We suggest doing mock presentations with friends or mentors to get comfortable. The more you practice, the more confident you’ll feel when it counts.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who take the initiative to connect directly with us. So, hit that apply button and let’s get the conversation started!
We think you need these skills to ace Principal Consultant in London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV reflects the skills and experiences that align with the Principal Consultant role. Highlight your technical expertise in cyber security and any relevant project leadership experience to catch our eye!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your background makes you a perfect fit for our team. Keep it engaging and personal.
Showcase Your Communication Skills: Since this role involves a lot of client interaction, demonstrate your excellent communication skills in your application. Whether it's through clear writing or presenting complex ideas simply, we want to see how you can connect with clients.
Apply Through Our Website: We encourage you to apply directly through our website for the best chance of being noticed. It’s straightforward and ensures your application goes straight to the right people. Plus, we love seeing applications come through our platform!
How to prepare for a job interview at NCC Group
✨Know Your Cyber Security Stuff
Make sure you brush up on your knowledge of cyber security engineering patterns, especially in constrained operating environments. Be ready to discuss how you've applied these principles in real-world scenarios, particularly with industrial control systems.
✨Showcase Your Project Leadership Skills
Prepare examples of how you've led engagements and workshops in the past. Highlight your experience in delivering high-fidelity technical reports and impactful presentations, as this will demonstrate your ability to lead project teams effectively.
✨Communicate Clearly and Confidently
Practice articulating complex technical findings in a way that's easy to understand. Your communication skills are crucial, so be prepared to showcase your ability to translate technical jargon into actionable insights for clients.
✨Be Ready to Discuss Industry Standards
Familiarise yourself with standards like IEC 62443 and be prepared to discuss how you've performed gap analyses against these frameworks. This shows that you not only understand the technical side but also the regulatory landscape.
