Technical Lead - OT Cyber Security in Bristol

Location: Ebbw Vale, Reading, Crawley, Bristol, Templecombe, and Cheadle (any Thales office)

Other: permanent, full-time, hybrid, with 10-15% domestic & international travel

Step into a role where your OT cyber expertise shapes national‑level resilience and the future of secure industrial systems!

What The Role Has To Offer

• Enterprise-wide technical influence – shaping consequence informed, secure‑by‑design OT architectures, guiding adoption of cutting‑edge OT and AI‑enabled security technologies, and steering the evolution of Thales’ future OT cyber capabilities
• Authoritative decision making – owning the final technical position on OT security designs, risks, and investments, strengthening national resilience and aligning product roadmaps with emerging trends
• Innovation leadership – driving next‑generation OT security capabilities, modernising legacy estates, leveraging AI opportunities, and shaping Thales’ long‑term cyber resilience strategy

As our OT Cyber Security Technical Product Authority, you will take the lead in defining how advanced OT cyber capabilities are designed, assured, and evolved across some of the UK’s most complex and safety‑critical environments. You’ll be the organisation’s senior voice on OT security, setting the direction for architectures, standards, and engineering approaches that protect industrial control systems, SCADA platforms, process management technologies, and critical national assets.

You will provide authoritative leadership for consequence informed, secure‑by‑design OT systems, driving risk‑informed architectures and shaping organisational strategy through confident, evidence‑based decision making. Your influence will extend across senior stakeholders and multi‑vendor supply chains, ensuring suppliers meet rigorous expectations while advancing next‑generation OT resilience. By embedding a consistent, standards‑driven approach, you’ll strengthen governance, reduce cyber risk across essential services, and build long‑term architectural maturity.

We’re seeking someone with deep, hands‑on OT/ICS cyber security expertise—from SCADA and PLCs to industrial networking—supported by strong knowledge of standards such as IEC 62443 and NIS2. You will bring Technical Authority‑level judgement to steer complex engineering programmes, model consequence‑based risks, analyse threats, and define secure architectures with confidence, while communicating clearly with senior leaders and constructively challenging suppliers. This role is for those with genuine OT experience, not purely IT or cloud backgrounds; you’ll understand real‑time, safety‑critical environments and the realities of industrial processes. Whether your background is in energy, transport, advanced manufacturing, critical national infrastructure, control systems engineering, or industrial process sectors, you’ll bring the curiosity, resilience, and sound judgement needed to operate where your expertise shapes outcomes at a national level.

Building a Future, we can all trust.

What We Offer You

We offer a competitive salary and benefits package designed to support our employees’ wellbeing and professional growth, which includes:

• Performance‑related bonus
• Half day every Friday, usually finishing around 13:00
• 28 days annual leave (plus bank holidays) with opportunity to buy up to 40 hours/year (pro rata)
• 24 hours volunteering paid for
• Life cover
• 24/7 Employee Assistance Program and access to mental wellbeing app
• Employee discount shopping schemes on major brands and retailers

Main Responsibilities

• Act as the organisation’s Technical Authority for OT cyber security, owning architectures, standards, and design patterns
• Provide authoritative design assurance and approve OT system designs across the full lifecycle
• Lead consequence‑informed risk assessments, threat modelling, and vulnerability analysis
• Govern product selection, configuration baselines, and secure deployment of OT security tooling
• Oversee assurance activities including design reviews, penetration testing, red teaming, and supplier audits
• Influence senior stakeholders on investment decisions, risk acceptance, and architectural direction
• Drive continuous improvement by evolving OT security capabilities and developing scalable, modernised OT architectures

About You

At Thales, we are committed to equal opportunities and welcome all talented individuals to consider joining our team. So even if you don't match every statement below but feel you have some of the experience, knowledge or skills needed for this role, we encourage you to apply. It will take all of us working together to deliver solutions to the world’s most critical challenges.

• Degree in Cyber Security, Computer Science, Electrical Engineering, Control Systems Engineering, or a related technical field
• Proven experience acting as a Technical Authority, Design Authority, or equivalent senior engineering role
• Proven deep OT/ICS cyber expertise across SCADA, PLCs, DCS, BMS, industrial networking, and key protocols (e.g., Modbus, DNP3, OPC, Profinet)
• Proven hands‑on experience with OT security tooling, including monitoring, segmentation, asset discovery, and secure remote access
• Demonstrated proficiency with OT monitoring platforms (e.g., Nozomi, Claroty, Dragos) and network analysis tools (e.g., Wireshark, Zeek)
• Acquired strong knowledge of IEC 62443, NIS/NIS2, NCSC CAF, ISO 27001/27019, and relevant sector regulations
• Demonstrated ability to lead security risk assessments, mitigation activities, and assurance processes
• Proven experience applying cyber security to OT, IoT, or embedded environments
• Demonstrated communication skills, translating complex concepts for senior stakeholders
• Proven ability to lead complex technical decisions, challenge suppliers, and provide defensible recommendations
• Proven ability to build trusted relationships with senior stakeholders and maintain a strong external network
• A strong commitment to continuous learning and professional development
• Postgraduate degree (MSc/MEng) in Cyber Security, Systems Engineering, Industrial Automation, or a related field
• Experience in regulated OT environments such as defence, healthcare, policing, utilities, manufacturing, or critical infrastructure
• Professional certifications such as GICSP, GRID, ISA/IEC 62443, CISSP, or CISM
• Motivated by contributing to a safer, more secure world through Cybersecurity & Trust

Security Clearance Statement

Due to the nature of the work that we do at Thales, many of our roles are subject to security restrictions. This role requires Security Clearance (SC). It would be advantageous if currently held, however, if not currently held, it is a requirement that the successful applicant undergo, achieve, and maintain SC Clearance prior to commencing employment.

To be eligible for full SC, you generally need to have resided in the UK for the last 5 years. In some circumstances, a minimum of 3 years’ residence in the UK over the last 5 years may be accepted, with additional overseas checks.