{ “@context”: “http://schema.org”, “@type”: “JobPosting”, “title”: “OT Security Engineer”, “description”: “
Security OT Engineer
Rate: £500 – £550 Inside IR35
Duration: 6 months
Location: South West (Bristol) – 2 days per week onsite
The Role:
We’re hiring an experienced Security OT Engineer to support the protection and evolution of complex Operational Technology (OT) and industrial control system environments.
This role sits within a Security Operations function but is heavily engineering-focused, combining hands-on OT security tooling, detection engineering, and incident response to strengthen resilience across critical infrastructure.
Key Responsibilities:
- Act as the OT security engineering SME, supporting both operational and project based activities
- Engineer, configure and optimise OT security platforms (e.g. OT NDR tools such as Claroty or equivalent)
- Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points
- Lead technical investigations and incident response for OT-related cyber events
- Analyse industrial network traffic to identify anomalies, threats and protocol misuse
- Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation
- Support secure by design initiatives for new OT systems, including segmentation and access control validation
- Assess vulnerabilities in OT systems and implement practical, risk-based remediation strategies
- Drive continuous improvement in OT security posture, tooling effectiveness and detection capability
- Maintain and enhance OT security documentation, playbooks and engineering standards
Experience Required:
- Proven experience in a Security OT Engineer / OT Cyber Security role
- Strong understanding of industrial control systems (ICS) – including SCADA, PLCs, DCS
- Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms)
- Solid knowledge of industrial protocols (e.g. Modbus, DNP3, OPC, Profinet)
- Experience with SIEM, EDR and network traffic analysis (e.g. Wireshark)
- Background in incident response, threat detection and security monitoring within OT or converged environments
- Understanding of network segmentation, secure remote access and OT architecture design
- Familiarity with frameworks such as ISA/IEC 62443 and MITRE ATT&CK for ICS
Desirable:
- Certifications such as GICSP, ISA/IEC 62443, Security+, or CEH
- Experience working in critical infrastructure or regulated environments
- Exposure to threat hunting and purple team activities within OT environments
Key Skills & Attributes:
- Strong engineering mindset with a focus on building and improving security capability
- Ability to balance security requirements with operational safety and uptime
- Analytical, detail-oriented and comfortable working with complex OT environments
- Confident communicator, able to engage across security, IT and engineering teams
- Proactive and solution-driven with a focus on continuous improvement
Company: Sanderson
Location: Bristol
Job Description:
Security OT Engineer
Rate: £500 – £550 Inside IR35
Duration: 6 months
Location: South West (Bristol) – 2 days per week onsite
The Role:
We’re hiring an experienced Security OT Engineer to support the protection and evolution of complex Operational Technology (OT) and industrial control system environments.
This role sits within a Security Operations function but is heavily engineering-focused, combining hands-on OT security tooling, detection engineering, and incident response to strengthen resilience across critical infrastructure.
Key Responsibilities:
- Act as the OT security engineering SME, supporting both operational and project based activities
- Engineer, configure and optimise OT security platforms (e.g. OT NDR tools such as Claroty or equivalent)
- Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points
- Lead technical investigations and incident response for OT-related cyber events
- Analyse industrial network traffic to identify anomalies, threats and protocol misuse
- Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation
- Support secure by design initiatives for new OT systems, including segmentation and access control validation
- Assess vulnerabilities in OT systems and implement practical, risk-based remediation strategies
- Drive continuous improvement in OT security posture, tooling effectiveness and detection capability
- Maintain and enhance OT security documentation, playbooks and engineering standards
Experience Required:
- Proven experience in a Security OT Engineer / OT Cyber Security role
- Strong understanding of industrial control systems (ICS) – including SCADA, PLCs, DCS
- Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms)
- Solid knowledge of industrial protocols (e.g. Modbus, DNP3, OPC, Profinet)
- Experience with SIEM, EDR and network traffic analysis (e.g. Wireshark)
- Background in incident response, threat detection and security monitoring within OT or converged environments
- Understanding of network segmentation, secure remote access and OT architecture design
- Familiarity with frameworks such as ISA/IEC 62443 and MITRE ATT&CK for ICS
Desirable:
- Certifications such as GICSP, ISA/IEC 62443, Security+, or CEH
- Experience working in critical infrastructure or regulated environments
- Exposure to threat hunting and purple team activities within OT environments
Key Skills & Attributes:
- Strong engineering mindset with a focus on building and improving security capability
- Ability to balance security requirements with operational safety and uptime
- Analytical, detail-oriented and comfortable working with complex OT environments
- Confident communicator, able to engage across security, IT and engineering teams
- Proactive and solution-driven with a focus on continuous improvement
…
Posted: May 16th, 2026