OT Cyber Security Analyst

Amazon
Reading
1 week ago
Create job alert

We are seeking a highly skilled and experiencedOT Senior Cyber Security Analystto join our dynamic Security Operations team at Thames Water. As the UK’s largest water company, we are committed to ensuring the highest level of security and compliance, protecting the critical infrastructure that delivers essential water services to 15 million customers. In this role, you will be responsible for maintaining SecOps solutions, controls, and processes across the organisation, while mentoring and leading the SOC team to ensure effective management of OT alerts and incidents.

This position requires a deep understanding of SecOps concepts, technologies, and best practices, specifically across IT and OT environments. You will be tasked with ensuring robust incident management, proactive threat detection, and continuous improvement of our security posture. Strong communication and collaboration skills are essential as you will work closely with cross-functional teams to mitigate risks and protect Thames Water's essential services.

What you’ll do as an OT Senior Cyber Security Analyst

Contextualise OT Specific Threats:
• Understand the Operational Technology (OT) estate, specific OT threats, and controls in place to mitigate risks.
• Use tools like Claroty to analyse network traffic and OT hardware limitations, ensuring minimal downtime due to active scans.
• Build direct relationships with Operations teams to understand and articulate operational and cyber risk.

Maintain Security Operations:
• Maintain effective security operations processes, ensuring continuous improvement across security tools and services.
• Support an effective security operations environment using tools such as Microsoft Sentinel, SOAR, EDR/XDR, and PAM.
• Achieve reductions in repetitive alerts and improve the time taken to investigate and resolve incidents.

Proactive Risk Remediation:
• Identify, analyse, and evaluate security risks, applying a risk-based approach to implement appropriate and proportionate controls.
• Perform proactive activities such as threat hunting to uncover vulnerabilities and ensure continuous risk reduction.
• Provide tangible metrics to demonstrate risk reduction and reduced technical debt.

Incident Readiness & Response:
• Lead the incident triage and response process, ensuring effective management and remediation of cyber security incidents.
• Improve incident management by reducing business impacts and the time between incident identification and closure.
• Ensure the business is regularly educated on incident management procedures and that all staff know how to report cyber security incidents.

Continuous Improvement:
• Drive process improvements to increase operational efficiency, using automation to reduce manual tasks.
• Demonstrate improvements over time through KPIs, dashboards, and reporting, showing better response times and proactive security measures.

Key relationships and interactions:
CISO
Operational Technology Teams
IT Operations
Security Operations Manager
Security Architecture Manager
Cyber Security Programme Manager
Cyber Resilience Manager
Network Operations Manager
Business Change and Engagement
Key Business Stakeholders
Service Owners

What you should bring to the role:
Essential Experience:
• Minimum of 3 years of experience working with technical Cyber Security controls, preferably in an enterprise or critical infrastructure environment.
• Minimum of 3 years of experience in control systems of essential services, including ICS, SCADA, and CNI.
• Exposure to working in or with a security operations center (SOC).
• Experience in triaging issues and incidents in a structured, disciplined manner.
• Proven track record of remediating cyber risks in dynamic and evolving digital environments.

Essential Technical Skills & Qualifications:
• Ability to simplify complex IT and Security problems for non-technical audiences.
• Strong understanding of OT infrastructure, networking, and end-user computing.
• Proficiency in writing Kusto Query Language (KQL) for creating and tuning SIEM queries and alerts.
• Experience in configuring and troubleshooting MFA, Privileged Access Management (PAM), and Security Information & Event Management (SIEM) systems, particularly Microsoft Sentinel.

Desirable Experience:
• Familiarity with managing network security capabilities such as NAC, Firewalls, Proxies/VPN, IDS/IPS, etc.
• Leadership experience in mentoring and managing a team to deliver operational excellence.

Desirable Technical Skills & Qualifications:
• Degree in Cyber Security, Computer Science, Information Technology, Engineering, or a related field.
• Microsoft SecOps certification(s) such as Microsoft Security Operations Analyst (SC-200, AZ-900).
• Any industry-recognised cyber security certifications, such as CCSP or OT-specific certifications like Clarity Cybersecurity Analyst.

What’s in it for you?

  • Competitive salary up to £65,000per annum, depending on experience
  • Annual Leave - 26 days holidayper year, increasing to 30 with the length of service (plus bank holidays)
  • Generous Pension Schemethrough AON
  • Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.

Who are we?
We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.

Learn more about ourpurpose and values

Working at Thames Water
Thames Water is a unique, rewarding and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy fast-tracked career opportunities, flexible working arrangements and excellent benefits.
Whether you’re interested in a role in one of our call centres or science labs, we’re looking for people like you with real passion and a burning desire to make things better.

So, if you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region and our planet.

Real purpose, real support, real opportunities. Come and join the Thames Water family. Why choose us? Learn more.

Our overarching aim is to ensure that Thames Water is great, diverse and inclusive place to work. We welcome applications from everyone and offer extra support for those who need it throughout the recruitment process. Our aim is to remove any real or perceived barriers to success, so if you need assistance, we’re here to help and support.

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience. It’s also a great opportunity to learn more about our business, meet colleagues and earn some extra money along the way.

Disclaimer: due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.

Related Jobs

View all jobs

OT Cyber Security Analyst

OT Cyber Security Analyst

Senior Cyber Security Analyst

Cyber Security Analyst - Operational Technology

Security Analyst

Security Analyst

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.

Cyber Security Job Interview Warm‑Up: 30 Real Coding & System‑Design Questions

The need for skilled cyber security professionals has never been greater. As organisations rapidly digitise their operations and store increasing amounts of sensitive data online, cyber threats loom large—ranging from sophisticated ransomware attacks to insider threats and state‑sponsored espionage. Against this backdrop, cyber security jobs remain some of the most in‑demand and mission‑critical roles on the market. If you’re preparing for a cyber security interview, expect to be tested on a broad spectrum of topics—from secure coding and incident response to network security architecture and compliance standards. In many cases, companies also include problem‑solving exercises and system design scenarios to gauge how well you can apply theoretical knowledge to real‑world threats. To help you ace these assessments, we’ve compiled 30 real coding & system‑design questions you might encounter. Each reflects a key area of cyber security—whether it’s encryption and key management, threat modelling, or designing a zero‑trust network. Along the way, we’ll offer insights and best practices so you can stand out from the crowd. If you’re on the lookout for exciting cyber security roles in the UK, head to www.cybersecurityjobs.tech. There, you’ll discover a range of positions—covering everything from penetration testing and threat intelligence to compliance management and security operations. Let’s dive into the essentials of interview readiness.

Negotiating Your Cybersecurity Job Offer: Equity, Bonuses & Perks Explained

How to Secure Compensation That Reflects Your Value in the UK’s High-Stakes Cybersecurity Sector Introduction As cyber threats grow more sophisticated and frequent, cybersecurity professionals have never been more in demand. From thwarting ransomware attacks to architecting secure cloud infrastructures, mid‑senior cybersecurity experts play a critical role in safeguarding a company’s data and reputation. Thanks to this growing reliance on cybersecurity, employers in the UK are going above and beyond simple salary offers to attract the top echelon of talent. Although base salary remains a key component of any job offer, the broader package—encompassing equity, bonuses, and perks—can often surpass what you’d gain from a small bump in monthly pay. For cybersecurity specialists working in areas such as threat intelligence, incident response, penetration testing, or compliance, the complexity and risk mitigation you bring to the table is massive. Knowing how to negotiate the entire package ensures you are duly rewarded for keeping an organisation’s data, assets, and operations safe. In this guide, we’ll delve into every aspect of negotiating a cybersecurity job offer. Whether you’re pivoting to a mid‑senior role or cementing your expertise at an established security consultancy, understanding the full range of compensation elements will help you secure an offer that acknowledges the criticality of what you do. Let’s explore equity options, performance bonuses, and the perks that matter most, so you can come out of your next job negotiation confident that you’re getting more than just a salary.