OT Security Manager
Glocomms is partnering with a leading energy infrastructure organization that is seeking an OT Security Manager to lead both technical OT security operations and governance, risk, and compliance (GRC) efforts. This role is responsible for overseeing security tooling in operational environments, managing regulatory compliance programs, and acting as the key bridge between engineering teams, leadership, and external auditors.
Key Responsibilities
- Manage OT security engineers and GRC analysts supporting operational environments
- Oversee security tooling (SIEM, vulnerability scanning, configuration monitoring) and ensure findings are tracked through remediation
- Establish audit-ready processes, documentation standards, and evidence collection
- Lead OT compliance programs aligned to NERC CIP standards (CIP-006, 007, 008, 010, 011)
- Own audit preparation, regulatory engagement, and response management
- Maintain risk register, control framework, policies, and exception handling processes
- Monitor regulatory changes and drive program updates
- Translate technical findings into business risk for leadership and non-technical stakeholders
- Serve as the primary contact for audits and regulatory interactions
- Deliver clear reporting, briefings, and documentation across audiences
Qualifications
- 7+ years of OT/ICS cybersecurity or critical infrastructure security experience
- Experience leading NERC CIP compliance programs in regulated environments
- Hands-on knowledge of OT security tools (e.g., SIEM, vulnerability management, integrity monitoring)
- Experience managing both technical security teams and GRC/compliance teams
- Strong understanding of risk management, policy development, and audit processes
- Excellent communication skills across technical and executive audiences
- Relevant certifications preferred (CISSP, CISM, GICSP, or similar)
- Familiarity with frameworks such as NIST CSF, NIST 800-82, or IEC 62443
- Experience in multi-site or complex critical infrastructure environments
Why Join
- High-impact role at the intersection of cybersecurity, critical infrastructure, and regulatory compliance
- Opportunity to lead and mature a growing OT security program
- Work closely with both technical teams and executive leadership
FAQs
Congratulations, we understand that taking the time to apply is a big step. When you apply, your details go directly to the consultant who is sourcing talent. Due to demand, we may not get back to all applicants that have applied. However, we always keep your CV and details on file so when we see similar roles or see skillsets that drive growth in organisations, we will always reach out to discuss opportunities.
Yes. Even if this role isnât a perfect match, applying allows us to understand your expertise and ambitions, ensuring you're on our radar for the right opportunity when it arises.
We also work in several ways, firstly we advertise our roles available on our site, however, often due to confidentiality we may not post all. We also work with clients who are more focused on skills and understanding what is required to future-proof their business.
That's why we recommend registering your CV so you can be considered for roles that have yet to be created.
Yes, we help with CV and interview preparation. From customised support on how to optimise your CV to interview preparation and compensation negotiations, we advocate for you throughout your next career move.