The Role: We’re hiring an experienced Security OT Engineer to support the protection and evolution of complex Operational Technology (OT) and industrial control system environments.
This role sits within a Security Operations function but is heavily engineering-focused, combining hands-on OT security tooling, detection engineering, and incident response to strengthen resilience across critical infrastructure.
Key Responsibilities:
- Act as the OT security engineering SME, supporting both operational and project based activities
- Engineer, configure and optimise OT security platforms (e.g. OT NDR tools such as Claroty or equivalent)
- Develop and refine detection rules, alerting logic and monitoring coverage across OT and IT/OT convergence points
- Lead technical investigations and incident response for OT-related cyber events
- Analyse industrial network traffic to identify anomalies, threats and protocol misuse
- Integrate OT telemetry into SIEM and EDR platforms to enhance visibility and correlation
- Support secure by design initiatives for new OT systems, including segmentation and access control validation
- Assess vulnerabilities in OT systems and implement practical, risk-based remediation strategies
- Drive continuous improvement in OT security posture, tooling effectiveness and detection capability
- Maintain and enhance OT security documentation, playbooks and engineering standards

Experience Required:
- Proven experience in a Security OT Engineer / OT Cyber Security role
- Strong understanding of industrial control systems (ICS) – including SCADA, PLCs, DCS
- Hands-on experience with OT security tools (e.g. Claroty, Nozomi, Dragos or similar NDR platforms)
- Solid knowledge of industrial protocols (e.g. Modbus, DNP3, OPC, Profinet)
- Experience with SIEM, EDR and network traffic analysis (e.g. Wireshark)
- Background in incident response, threat detection and security monitoring within OT or converged environments
- Understanding of network segmentation, secure remote access and OT architecture design
- Familiarity with frameworks such as ISA/IEC 62443 and MITRE ATT&CK for ICS

Desirable:
- Certifications such as GICSP, ISA/IEC 62443, Security+, or CEH
- Experience working in critical infrastructure or regulated environments
- Exposure to threat hunting and purple team activities within OT environments

Key Skills & Attributes:
- Strong engineering mindset with a focus on building and improving security capability
- Ability to balance security requirements with operational safety and uptime
- Analytical, detail-oriented and comfortable working with complex OT environments
- Confident communicator, able to engage across security, IT and engineering teams
- Proactive and solution-driven with a focus on continuous improvement

Date posted: 2026-05-23
Hiring organisation: Sanderson
Job location: Bristol
Security OT Engineer
Rate: £500 – £550 Inside IR35
Duration: 6 months
Location: South West (Bristol) – 2 days per week onsite
