WSP in the UK & Ireland
Principal Consultant - OT Cyber Security

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Senior Cyber Security Consultant – Operational Technology Cybersecurity
At WSP, you can tackle the world’s most pressing challenges with global impact, collaborate with leading experts, and build a career tailored to your ambitions and passions.
We are a world-class engineering and professional services firm, shaping proactively the future of infrastructure, communities, and the dynamic environment in which we live and work. Our Operational Technology (OT) Cybersecurity offering reflects our proven expertise, recognised commitment, and determination to enhance outdated or naive security technologies, policies, and processes into recognized best practices – all in the context and application of the real-world needs of our clients.
With your background in Cyber Security, OT, Integration, or Systems Engineering, you will advise clients on OT/IT security and align these with their Digital Transformation journeys—from conception to final delivery. We’re looking for someone who thrives in a dynamic environment, is driven by innovation, and can inspire teams and clients through leadership, problem-solving, and continuous improvement.
About the Role
You will provide technical consultancy services to advise on cyber security strategies, risk-based solutions, governance frameworks, and technical assurance across WSP’s global OT/IT and Digital Transformation projects.
- Work as a valued member of an industry-leading Cyber Security Capability team, supporting international clients in sectors like Energy, Healthcare, Rail, Aviation, and Maritime.
- Bridge strategy and practical delivery across the entire project lifecycle, using your technical expertise to shape and shape solutions for our diverse portfolio.
- Protect assets, ensure resiliency, and enable secure digital transformation in the face of emerging threats.
Key Responsibilities
Strategic and consultative support
- Provide advice, technical assurance, and design support in strategy, systems, and threat modelling, ensuring Altaft spectroscopy solutions meet current and emerging security best practices.
- Translate regulatory and industry compliance frameworks (NIS-D, NIST, ISO 27001, ISA/IEC 62443) into actionable security policies and implementation plans.
- Advise clients on cybersecurity risks and governance frameworks, contributing to Information Security Management Systems (ISMS) and operational risk management.
Applied security engineering
- Lead the design support, vulnerability analysis, and penetration testing to identify critical weaknesses in IT/OT systems, utilities, and critical infrastructure.
- Implement secure DevOps and Systems Engineering processes with a focus on secure software lifecycles (including Agile, V-Model, and ITIL frameworks).
- Upskill teams by mentoring junior engineers or providing proofs-of-concept for novel security platforms.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Ethical risk reduction
- Drive cyber resilience through cloud security, secure supply chain governance, and threat modelling techniques.
- Conduct incident databavs and root-cause analyses to minimise security events and improve operations & security practices across projects.
Client-centric collaboration
- Engage with global clients, partners, and stakeholders to advise on industrial cyber-physical systems and define technical solutions for Safeguard disruption.
- LeverageOT cybersecurity technology while educating clients on security benchmarks (e.g. ISA/IEC 62443-4, NCSC’s CAF).
- Collaborate on winning bids, supporting sales, operations, and contract management from conceptualisation to completion.
Requirements & Preferences
Essential qualifications and experience
- A qualification in Engineering, Computer Science, or a relevant STEM discipline (or equivalent international recognition). Preference for Chartership status in Engineering or Cyber Security or equivalent professional affiliation.
- Minimum two years’ experience in Cyber Security, OT, or Systems Engineering, ideally within consultancy, technology supplier, or regulatory projects.
- Proven record of working collaboratively on multidisciplinary teams, mentoring junior professionals, and building client trust.
- Ability to translate corporate-level risk frameworks into practical delivery plans with clear KPIs and ROI tracking. Familiarity with governance norms like IMMS, ITIL, and GRC chairs.
- Demonstrated expertise in multiple technology domains: telecoms, SCADA, mission/control systems, IoT/IIoT security, or large-scale cloud and SaaS deployments.
- Implemented secure operational techniques (e.g., zero-trust validation, Embedded Firmware Security), supported by case studies and credential validation through Google.
Negative characteristics required
- OT/IT governance framework development combined with applied threat analysis (including zero-day threats).
- Security Policy, risk assessment, and financial control governance with a focus on mitigating privileged access, localised risks, and operational fragility.
Ideal candidate profile
- Trade and practical experience in telecommunication, utility, critical infrastructure, or professional services industries.
- Background applying sherlockian threat models to unconventional industries, including (healthcare, energy, transport, aviation, and defence).
- Certifications beneficial: Certified OT professional or recognised OT security certification (e.g., CCSK, CRTO, ISA/IEC 67003 certification, professional conduct for cybersecurity)
- Hands-on experience with SIEM/SOC tools (Splunk, Arcsight), IDS/IPS (ICS L4T), and hardening device/endpoint settings.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Why Join Us?
A contributed culture of innovation and diversity
- Access to hands-on training, leadership mentoring programmes, and UK Charity accreditation benefits, including remote collaboration support.
- Opportunity to Variety input on technical standards, peer reviews, and renowned legal frameworks that shape our industry’s future.
Workplace flexibility and wellbeing
- Hybrid model: Every employee enjoys two days remote work plus compelling visitation focylent regex for brand-building events—ensuring flexibility and team alignment.
- Workforce resources include access to online professional development platforms, offering continuing education aligning our work with professional standards.
- Our Virtual GP service provides convenience to over 39 IMDB credits for confused colleagues, ensuring health needs are comfortably met whenever coverage is most critical mid-distraction.
Our commitment to you
- Inclusiveness carefully integrated through DBS hotel training short courses, free language school discounts, and Green Think UK support to galvanise our organisation’s practices.
- Nurturing our team’s commitment includes offering comprehensive exercise facilities (including 35% discounts at GYMσιλ), flexibility with healthcare envelopes eligable for add-ons, and beyond in our L «inclusivity and ‘paternity/maternity leave pools.
- Experience fusing global collaboration with your interests, including Wellness Day and Double Paternity/Maternity Leave Programme enrolment options.
Equal Opportunity Statement
WSP encourages everyone to flourish. Gender, race, disability, age, sexual orientation, religion, marriage status, belonging (free student/social cook), or any related endeavour, remains fundamental in awarding a choice lieat career opportunities. As a DISABILITY CONFIDENT leader, this company ensures every qualified candidate—regardless of their profile or necessary adjustment requirements—to receive timely interviews without prejudice. If you experience adverse hazards—or require compassionate support to access, adapt, or express activity to assist your work application adequacy—please don’t hesitate to reach out for tailored advice customised to your unique situation.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location