Before the details, here's what's in it for you: - $225k + super
- Work alongside a globally established OT practice spanning the UK, Europe, North America and APAC
- Possible travel nationally and internationally as part of the role
- Hybrid working - 2 days in office if Sydney based (flexible), fully remote considered anywhere else in Australia
- Build and lead your own AU OT consulting team
- Engage on genuinely complex, high-stakes critical infrastructure engagements
- Work directly with globally recognised OT leaders on methodology and capability
So what are you actually stepping into?
A globally recognised cyber security firm has an established OT Consulting and Implementation practice operating across multiple continents. Australia is the next chapter, and this is the senior OT role that kicks it off locally.
This isn't a role where you'll be plugging gaps in an existing team or finishing someone else's half-baked projects. You'll be shaping how OT consulting is delivered in Australia, building a team around you as the practice grows, and doing real hands-on technical work alongside it. The global OT leadership team is experienced, engaged and accessible - you'll have genuine support from people who know their stuff, not a head office that disappears when things get hard.
If you've got a technical background in rail or transport OT security specifically, that's going to land well. But strong OT experience across energy or other critical infrastructure sectors is absolutely considered.
The work itself is technical and meaningful. IEC 62443 is the backbone of what this team delivers - Initial Risk Assessments, Detailed Risk Assessments, security cases for regulatory submission, gap analyses, controls implementation, architecture reviews. You'll be running workshops with operators and suppliers, producing technical deliverables and presenting findings to senior stakeholders. The expectation is that you can do the work, lead a team, and grow a practice - not just manage upwards and delegate everything down.
If you've come up through controls engineering or automation and built your OT security expertise from the ground up, this role was written for you. If you've been consulting in OT security and you're ready to own something rather than contribute to someone else's practice, same deal.
Day to day you'll be: - Leading IEC 62443 Initial and Detailed Risk Assessments end to end
- Designing and implementing security controls for OT/ICS and SCADA environments
- Running gap analyses against IEC 62443, NIST and AESCSF
- Delivering technical reports and executive presentations to clients
- Building, leading and mentoring a growing team of OT consultants
- Running workshops with operators, suppliers and regulatory bodies
- Supporting business development and client relationship growth
- Collaborating with global OT leads in London on methodology and capability
To be seriously considered, you'll need: - Deep, hands-on OT security experience - implementation and delivery, not just advisory
- Strong IEC 62443 knowledge and practical application - this is non-negotiable
- A consulting background with experience leading or developing a team
- Critical infrastructure experience - rail and transport highly regarded, energy, utilities and mining also considered
- The ability to engage credibly with site engineers and C-suite in the same week
- Australian Citizen or Permanent Resident
- GICSP, CISSP, CISM or similar advantageous but not a dealbreaker
The process
Two rounds. A conversation with the local AU lead first, followed by a technical presentation to the global OT leadership team.
If this has caught your attention, reach out directly: �� kris@decipherbureau.com �� 0452 564 644 Decipher Bureau and the clients we partner with are committed to creating a diverse and inclusive environment and are proud equal opportunity employers. All applicants will be considered without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.