Principal Cyber Security Consultant

Job Description

Overview

Leading the edge of transformation.

You might know us for the great work we do across our wide variety of projects. We're proud to say it's thanks to our people's diversity of thought, expertise and knowledge. And when you join us, you'll be a part of this genuinely collaborative environment, where everyone's voice is valued and treated equally.

We're passionate about what we do, but we don't take ourselves too seriously. Simply put, this a great place to be. So, when it comes to your life outside of work, ask us about our flexible and remote working policies designed to help you get the most out of life.

We deliver technically questioning and time-critical projects across multiple sectors, including Aerospace, Defence, Critical National Infrastructure (CNI). Due to continued growth, we have opportunities in our Governance, Risk & Compliance (GRC), Security Architecture, Threat & Vulnerability, and Operational Technology (OT) teams. Our role as a trusted adviser allows us to offer rewarding careers to those looking to enhance their skills and experience in dynamic environments.

We are seeking a knowledgeable, enthusiastic, and conscientious professional with extensive experience in securing Operational Technology (OT) environments (such as energy, utilities and transportation). As a Principal Consultant, you will bring deep expertise in OT cyber security and the ability to spearhead strategic engagements, building trust with clients and delivering innovative solutions.

Your role

• Lead OT Cybersecurity Programmes: Provide strategic leadership and oversight for multiple complex OT cyber security projects. Ensure that each engagement aligns with the client's business objectives and risk appetite, while delivering solutions that protect mission-critical systems and maximise operational resilience. Act as the engagement lead, managing client relationships and guiding internal teams to deliver high-quality results on time.
• Security Architecture & Innovation: Leverage deep technical expertise to design and govern secure OT system architectures in industrial environments. Apply creative thinking to implement advanced security controls (for example, robust network segmentation and hardened ICS/SCADA systems) that safeguard operational integrity. Continuously seek innovative approaches to address complex and non-routine security challenges in OT contexts.
• Governance & Risk Management: Establish robust cyber security governance frameworks tailored to OT environments. Spearhead comprehensive security risk assessments and gap analyses using industry frameworks such as NIST CSF and IEC 62443. Based on these assessments, identify the most cost-effective security controls in line with the client's risk appetite, balancing risk reduction with uptime and safety. Oversee the implementation of these controls to ensure risks are managed and regulatory requirements are met.
• Policy Development & Compliance: Develop and enforce enterprise security policies and procedures that meet corporate and regulatory requirements while reflecting normal practices in OT settings. Ensure all policies and solutions are aligned with relevant standards and regulations - for example, the Network and Information Systems (NIS) Regulations and HSE OG-0086 for critical infrastructures. Provide senior-level guidance to help clients remain compliant with evolving laws and industry standards.
• Client Engagement & Stakeholder Management: Build and maintain strong working relationships with clients, including senior executives and operational stakeholders. Act as a trusted adviser, capable of articulating and pitching cyber security advice in business terms as well as technical terms. Manage stakeholder expectations proactively and ensure high customer satisfaction. You will help clients navigate cyber security decisions and reinforce AtkinsRéalis' s reputation for delivering value.
• Project & Team Leadership: Oversee multiple project teams and mentor junior consultants and engineers to foster their development. Coordinate multi-disciplinary efforts in a matrix organisation, ensuring projects are delivered on schedule and within scope. Provide clear direction and support to team members and intervene decisively to resolve any issues or escalations. You are responsible for the overall quality of our OT cyber security services on your projects.
• Thought Leadership & Business Growth: Serve as a thought leader in OT cyber security both within AtkinsRéalis and in the wider industry. Stay abreast of emerging OT threats, technologies, and best practices, and share these insights with colleagues and clients. Contribute to business development by developing new service offerings and supporting bids/proposals for OT security work. Represent AtkinsRéalis at industry events or in publications to advance our brand and thought leadership in OT cyber security.

About you

• Extensive OT Cyber Security Experience: Proven experience delivering technical cyber security consultancy in OT environments (e.g. energy, utilities, transportation). This includes a deep understanding of the unique risks in OT systems versus IT systems. You should have a strong track record implementing security in industrial control system contexts and securing critical national infrastructure.
• Leadership & Delivery: Demonstrable ability to spearhead teams and manage complex security engagements on live industrial sites. Experience conducting engagements on operational plants - including performing risk assessments and deploying appropriate security controls - is required. You can coordinate multiple projects concurrently, delivering results that meet client priorities and deadlines.
• Exceptional Communication Skills: Excellent verbal and written communication skills. You listen actively to client needs and can explain complex cyber security concepts in clear, non-technical language. Able to confidently present to both engineers and C-suite stakeholders, adjusting your approach to suit the audience.
• Project Management & Stakeholder Engagement: Outstanding organisational skills with the ability to juggle multiple tasks and projects at once. Delivers high-quality work under pressure, consistently meeting tight deadlines. Capable of balancing business and client priorities while effectively managing stakeholder expectations.
• Teamwork & Collaboration: A proven team player who can also take initiative and spearhead. Able to work effectively both independently and within multidisciplinary teams in a complex, matrix organisation. You foster collaboration and can influence without direct authority when working across different teams or departments.
• Technical Mastery in OT: In-depth knowledge of the OT system lifecycle - how OT systems are specified, procured, designed, deployed, and operated - and how to embed cyber security best practices into each stage. Hands-on experience with security technologies commonly used in industrial control systems and SCADA environments is expected.
• Standards & Regulatory Knowledge: Strong familiarity with OT security standards and frameworks such as IEC 62443 and NIST CSF, and with relevant regulations like the NIS Regulations and HSE OG-0086. Ability to apply these frameworks in practice and guide organisations through compliance and accreditation processes.
• Security Clearance & Travel: Ability to obtain the necessary UK security clearance for working on sensitive projects (this will be discussed and processed as needed). Willingness to travel throughout the UK to client sites, with flexibility for short-term travel as required.
• Certifications & Professional Memberships: Possession of industry certifications with a focus on OT security is highly desirable. Examples include GIAC Global Industrial Cyber Security Professional (GICSP) or ISA/IEC 62443 certifications for OT, and more general certifications like CISSP or CISM. Chartered or full membership of relevant professional bodies (e.g. IISP, BCS, IET) is also advantageous.
• Thought Leadership & Industry Involvement: Active involvement in the cyber security community - such as publishing articles, speaking at conferences, or contributing to standards - will be seen as a plus. This demonstrates a commitment to the field beyond day-to-day project work and aligns with the thought leadership aspect of the role. A self-driven attitude with a keen interest in emerging technologies and security innovations. You keep up to date with the latest developments in OT cyber security and are committed to continuous professional development and skill enhancement.
• Specialist Expertise: Deep expertise in at least one relevant sub-domain of cyber or information security (for example, security architecture design, incident response, cyber risk management, security training, or policy development) is a bonus. This could be demonstrated by significant project experience or thought leadership in that area. Such expertise complements the broad knowledge required and can enhance our team's capabilities.

Reward & benefits

Explore the rewards and benefits that help you thrive - at every stage of your life and your career. Enjoy competitive salaries, employee rewards and a brilliant range of benefits you can tailor to suit your own health, wellbeing, financial and lifestyle choices. Make the most of a myriad of opportunities for training and professional development to grow your skills and expertise. And combine our hybrid working culture and flexible holiday allowances to balance a great job and fulfilling personal life.

Be rewarded. Find out more.

About AtkinsRéalis

We're AtkinsRéalis , a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world's infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project managers, we can change the world. We're committed to leading our clients across our various end markets to engineer a better future for our planet and its people.

Find out more.

Additional information

Security clearance

This role may require security clearance and offers of employment will be dependent on obtaining the relevant level of clearance. If this is necessary, it will be discussed with you at interview. The vetting process is delivered by United Kingdom Security Vetting (UKSV) and may require candidates to provide proof of residency in the UK of 5 years or longer. If applying to this role please do not make reference to (in conversation) or include in your application or CV, details of any current or previously held security clearance.

We are committed to creating a culture where everyone feels that they belong - a place where we can all be ourselves, thrive and develop to be the best we can be. So, we offer a range of family friendly, inclusive employment policies, flexible working arrangements and employee resource groups to support all employees. As an Equal Opportunities Employer, we value applications from all backgrounds, cultures and ability.

#LI-ADST | #LI-UK

Worker Type

Employee

Job Type

Regular

At AtkinsRéalis, we seek to hire individuals with diverse characteristics, backgrounds and perspectives. We strongly believe that world-class talent makes no distinctions based on gender, ethnic or national origin, sexual identity and orientation, age, religion or disability, but enriches itself through these differences.