As a Cyber Resilience Testing Lead, you will play a key role within the Information Security team at Thames Water, supporting the Head of Cyber Resilience in delivering technical cyber resilience testing and vulnerability management activities across both IT and OT environments. Working closely with cybersecurity leadership, service owners, and technical teams, you will help ensure vulnerabilities are effectively identified, assessed, remediated, and evidenced across the organisation.

This role contributes to Thames Water’s cyber resilience programme by providing technical assurance of defensive capabilities, supporting resilience testing initiatives, and ensuring vulnerability management processes are robust and effective. You will collaborate with stakeholders across the business to ensure testing and remediation activities are executed efficiently while maintaining high standards of documentation, reporting, and governance.

Security Clearance: CTC (Counter Terrorist Check) clearance is desirable. Where this is not already held, it will be obtained as part of the role.

What you’ll be doing as a Cyber Resilience Testing Lead

  • Lead the technical validation of vulnerabilities, including severity assessment, exploitability analysis, and business impact evaluation across IT and OT environments.
  • Perform advanced triage of vulnerabilities using industry-standard methodologies such as CVSS.
  • Act as the technical escalation point for complex or disputed remediation plans, advising on compensating controls and risk acceptance.
  • Maintain and update the central vulnerability register, ensuring accurate tracking from identification through to remediation.
  • Assign ownership of vulnerabilities and track remediation progress to completion.
  • Collect and validate remediation evidence, ensuring audit-ready documentation.
  • Prepare reports and dashboards to support oversight by Cyber Resilience leadership.
  • Design and maintain the annual penetration testing and red/purple team testing schedule.
  • Review and validate testing outputs, including exploit paths and findings, ensuring technical accuracy.
  • Translate testing findings into actionable remediation plans in collaboration with SOC, architecture, engineering, and OT teams.
  • Support the coordination of penetration testing, red/purple teaming, and cyber stress testing activities.
  • Provide subject matter expertise during cyber incidents, supporting technical investigation and response.
  • Maintain readiness for regulatory compliance, ensuring testing and vulnerability evidence meets audit requirements.
  • Support broader cyber resilience initiatives through operational and administrative activities.
  • Maintain accurate records and contribute to reporting and regulatory submissions.

Base location – Hybrid – Clearwater Court, Reading.
Working pattern – 36 hours Monday to Friday.

What you should bring to the role

  • Experience in cybersecurity, vulnerability management, or related technical security roles.
  • Strong understanding of offensive security methodologies, including MITRE ATT&CK.
  • Ability to analyse penetration testing reports in depth and translate findings into control improvements.
  • Experience tracking vulnerability remediation and coordinating with stakeholders to ensure timely resolution.
  • Experience working within critical infrastructure, utilities, or public sector environments.
  • Strong organisational skills with the ability to manage multiple priorities and maintain accurate records.
  • Excellent communication and interpersonal skills to engage technical and non-technical stakeholders.
  • Ability to build strong working relationships and operate as a self-starter.

Technical experience and skills

  • Familiarity with vulnerability management tools such as ServiceNow, Tenable, or similar platforms.
  • Knowledge of cybersecurity frameworks and standards such as ISO 27001, NIST, and CIS Controls.
  • Proficiency in reporting and data analysis tools such as Excel, Power BI, or equivalent.
  • Ability to validate vulnerabilities, interpret testing results, and support remediation planning.

Desirable qualifications and experience

  • Broader knowledge and experience within cybersecurity or information security.
  • Experience with ICS/OT security testing, including PLCs, HMIs, and industrial protocols such as Modbus, DNP3, and OPC-UA.
  • Experience producing technical dashboards reflecting vulnerability management and resilience maturity.
  • Experience working with vendors or delivery partners on testing or remediation activities.
  • Experience supporting penetration testing, red/purple teaming, or cyber stress testing programmes.
  • Experience supporting regulatory compliance aligned to industry standards (e.g., SEMD, CAF).

Desirable technical skills and qualifications

  • Bachelor’s degree in Computer Science, IT, Cyber Security, or a related field (or equivalent experience).
  • Professional certifications such as CompTIA Security+, CySA+, or similar (CISSP/CISM desirable but not essential).

What’s in it for you?

  • Competitive salary between £68,000 and £78,000 per annum, depending on experience.
  • Annual Leave - 26 days holiday per year, increasing to 30 with the length of service. (plus bank holidays)
  • Generous Pension Scheme through AON.
  • Performance-related pay plan directly linked to company performance measures and targets.
  • Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.

Find out more about our benefits and perks (Please note different T&Cs apply if on secondment)

Who are we?

We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people, and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.

Learn more about our purpose and values

Working at Thames Water

Thames Water is a unique, rewarding, and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy meaningful career opportunities, flexible working arrangements and excellent benefits.

If you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region, and our planet.

Real purpose, real support, real opportunities. Come and join the Thames Water family. Why choose us? Learn more.

We’re committed to being a great, diverse, and inclusive place to work. We welcome applications from everyone and want to ensure you feel supported throughout the recruitment process. If you need any adjustments, whether that’s extra time, accessible formats, or anything else just let us know, we’re here to help and support.

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience. It’s also a great opportunity to learn more about our business and meet colleagues.

Disclaimer: due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.