Governance jobs in United Kingdom

### **Job Description**## Overview**Leading the edge of transformation.**You might know us for the great work we do across our wide variety of projects. We're proud to say it's thanks to our people's diversity of thought, expertise and knowledge. And when you join us, you'll be a part of this genuinely collaborative environment, where everyone's voice is valued and treated equally.We're passionate about what we do, but we don't take ourselves too seriously. Simply put, this a great place to be. So, when it comes to your life outside of work, ask us about our flexible and remote working policies designed to help you get the most out of life.We deliver technically questioning and time-critical projects across multiple sectors, including Aerospace, Defence, Critical National Infrastructure (CNI). Due to continued growth, we have opportunities in our Governance, Risk & Compliance (GRC), Security Architecture, Threat & Vulnerability, and Operational Technology (OT) teams. Our role as a trusted adviser allows us to offer rewarding careers to those looking to enhance their skills and experience in dynamic environments.We are seeking a knowledgeable, enthusiastic, and conscientious professional with extensive experience in securing Operational Technology (OT) environments (such as energy, utilities and transportation). As a Principal Consultant, you will bring deep expertise in OT cyber security and the ability to spearhead strategic engagements, building trust with clients and delivering innovative solutions.## Your role* Lead OT Cybersecurity Programmes: Provide strategic leadership and oversight for multiple complex OT cyber security projects. Ensure that each engagement aligns with the client’s business objectives and risk appetite, while delivering solutions that protect mission-critical systems and maximise operational resilience. Act as the engagement lead, managing client relationships and guiding internal teams to deliver high-quality results on time.* Security Architecture & Innovation: Leverage deep technical expertise to design and govern secure OT system architectures in industrial environments. Apply creative thinking to implement advanced security controls (for example, robust network segmentation and hardened ICS/SCADA systems) that safeguard operational integrity. Continuously seek innovative approaches to address complex and non-routine security challenges in OT contexts.* Governance & Risk Management: Establish robust cyber security governance frameworks tailored to OT environments. Spearhead comprehensive security risk assessments and gap analyses using industry frameworks such as NIST CSF and IEC 62443. Based on these assessments, identify the most cost-effective security controls in line with the client’s risk appetite, balancing risk reduction with uptime and safety. Oversee the implementation of these controls to ensure risks are managed and regulatory requirements are met.* Policy Development & Compliance: Develop and enforce enterprise security policies and procedures that meet corporate and regulatory requirements while reflecting normal practices in OT settings. Ensure all policies and solutions are aligned with relevant standards and regulations – for example, the Network and Information Systems (NIS) Regulations and HSE OG-0086 for critical infrastructures. Provide senior-level guidance to help clients remain compliant with evolving laws and industry standards.* Client Engagement & Stakeholder Management: Build and maintain strong working relationships with clients, including senior executives and operational stakeholders. Act as a trusted adviser, capable of articulating and pitching cyber security advice in business terms as well as technical terms. Manage stakeholder expectations proactively and ensure high customer satisfaction. You will help clients navigate cyber security decisions and reinforce AtkinsRéalis’ s reputation for delivering value.* Project & Team Leadership: Oversee multiple project teams and mentor junior consultants and engineers to foster their development. Coordinate multi-disciplinary efforts in a matrix organisation, ensuring projects are delivered on schedule and within scope. Provide clear direction and support to team members and intervene decisively to resolve any issues or escalations. You are responsible for the overall quality of our OT cyber security services on your projects.* Thought Leadership & Business Growth: Serve as a thought leader in OT cyber security both within AtkinsRéalis and in the wider industry. Stay abreast of emerging OT threats, technologies, and best practices, and share these insights with colleagues and clients. Contribute to business development by developing new service offerings and supporting bids/proposals for OT security work. Represent AtkinsRéalis at industry events or in publications to advance our brand and thought leadership in OT cyber security.## About you* Extensive OT Cyber Security Experience: Proven experience delivering technical cyber security consultancy in OT environments (e.g. energy, utilities, transportation). This includes a deep understanding of the unique risks in OT systems versus IT systems. You should have a strong track record implementing security in industrial control system contexts and securing critical national infrastructure.* Leadership & Delivery: Demonstrable ability to spearhead teams and manage complex security engagements on live industrial sites. Experience conducting engagements on operational plants – including performing risk assessments and deploying appropriate security controls – is required. You can coordinate multiple projects concurrently, delivering results that meet client priorities and deadlines.* Exceptional Communication Skills: Excellent verbal and written communication skills. You listen actively to client needs and can explain complex cyber security concepts in clear, non-technical language. Able to confidently present to both engineers and C-suite stakeholders, adjusting your approach to suit the audience.* Project Management & Stakeholder Engagement: Outstanding organisational skills with the ability to juggle multiple tasks and projects at once. Delivers high-quality work under pressure, consistently meeting tight deadlines. Capable of balancing business and client priorities while effectively managing stakeholder expectations.* Teamwork & Collaboration: A proven team player who can also take initiative and spearhead. Able to work effectively both independently and within multidisciplinary teams in a complex, matrix organisation. You foster collaboration and can influence without direct authority when working across different teams or departments.* Technical Mastery in OT: In-depth knowledge of the OT system lifecycle – how OT systems are specified, procured, designed, deployed, and operated – and how to embed cyber security best practices into each stage. Hands-on experience with security technologies commonly used in industrial control systems and SCADA environments is expected.* Standards & Regulatory Knowledge: Strong familiarity with OT security standards and frameworks such as IEC 62443 and NIST CSF, and with relevant regulations like the NIS Regulations and HSE OG-0086. Ability to apply these frameworks in practice and guide organisations through compliance and accreditation processes.* Security Clearance & Travel: Ability to obtain the necessary UK security clearance for working on sensitive projects (this will be discussed and processed as needed). Willingness to travel throughout the UK to client sites, with flexibility for short-term travel as required.* Certifications & Professional Memberships: Possession of industry certifications with a focus on OT security is highly desirable. Examples include GIAC Global Industrial Cyber Security Professional (GICSP) or ISA/IEC 62443 certifications for OT, and more general certifications like CISSP or CISM. Chartered or full