Principal Consultant
NCC Group
full-time
Posted on:
Location Type: Office
Location: Manchester • 🇬🇧 United Kingdom
Visit company websiteJob Level
Lead
Tech Stack
Cyber Security
About the role
- As a Principal OT Consultant in NCC Group's Global OT Consulting and Implementation (C&I) division, you'll be at the forefront of protecting critical infrastructure.
- Your role is pivotal in providing advanced Cyber Security Assurance and Engineering to suppliers, owners, and operators, helping them safeguard essential processes and equipment.
- You will lead project teams, build and maintain trusted client relationships, and spearhead assessments.
- You'll translate complex technical findings into clear, actionable roadmaps and ensure adherence to internal policies.
- Moreover, you'll play a key role in supporting sales activities and mentoring junior consultants, contributing to our collective growth.
- You will also work closely with the OT Practice Director to expand our global engineering capabilities, which includes remote and on-site work in industrial environments like manufacturing, energy generation, oil & gas, and transportation systems.
Requirements
- Technical Expertise: Successfully apply cyber security engineering patterns to constrained operating environments, including industrial control systems (ICS), distributed control systems (DCS), and their integration with enterprise systems.
- Design and implement security controls specific to industrial environments (e.g., manufacturing, energy (DER), water, and/or transportation).
- Provide expert consulting services for IT/OT convergence challenges and solutions.
- Project Leadership & Execution: Lead engagements and workshops with suppliers and operators to facilitate IEC 62443 Initial Risk Assessments and prepare security cases for regulatory submission.
- Deliver projects that result in high-fidelity, fact-based technical reports and impactful, executive-level presentations.
- Perform comprehensive gap analyses against industrial and critical infrastructure standards and frameworks.
- Analytical Abilities: Understand and interpret Data Flow Diagrams (DFDs), Functional Design Specifications (FDS), Bills of Materials (BOM/SBOM), High/Low-Level Design (HLD/LLD), and network architecture diagrams.
- Combine threat modeling methodologies like MITRE with frameworks such as IEC 62443.
- Operational & Communication Skills: Excellent communication, consulting, and presentation skills, with exceptional written reporting abilities.
- Possess practical experience as a controls systems engineer or in industrial engineering, with a strong prioritization of the safety of people, equipment, and the environment.
- Willingness to travel to client industrial sites as necessary and support international teams remotely.
- Relevant Certifications: Industry-recognized certifications such as CISSP, CISM, CRISC, CISA, or a recognized OT qualification like GIAC GICSP.
- Industry Experience: Have delivered OT projects within a critical infrastructure client environment.
- Consulting Proficiency: Demonstrate proficiency in working collaboratively with customers in high-value, fast-paced engagements.
- Operational Background: Possess work experience in an operational environment, with a background in Safety.
Benefits
- Flexible working
- Pension, life assurance, share save scheme
- Generous parental leave
- Community & volunteering programmes
- Green car scheme
- Cycle to work scheme
- Wellness programmes
- Learning & development opportunities
- Employee referral bonuses
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cyber security engineeringindustrial control systems (ICS)distributed control systems (DCS)security controls designIEC 62443gap analysisthreat modelingData Flow Diagrams (DFDs)Functional Design Specifications (FDS)network architecture diagrams
Soft skills
project leadershipcommunication skillsconsulting skillspresentation skillsanalytical abilitiesmentoringclient relationship managementteam collaborationproblem-solvingprioritization
Certifications
CISSPCISMCRISCCISAGIAC GICSP