Head of OT Cyber Security / Practice Lead

Build the Practice. Own the Market. Lead Critical Infrastructure Security.

Let's be direct—this isn't a BAU leadership role.

This is a build mandate.

We're looking for someone who knows OT cyber inside out and wants to step into a role where they own the strategy, the offering, the team, and the revenue line.

If you've been operating in a large consultancy or utility and feel constrained—this is your opportunity to take control and build something properly.

What This Role Actually Is

• You will stand up and scale an OT Cyber Security practice in Australia

• You will own P&L, pipeline, and market positioning

• You will define what gets built, how it's delivered, and how it scales

• You will hire, shape, and lead a high-performance OT cyber team

• This is a practice lead + technical authority + growth engine in one role.

What You'll Be Driving

Growth & Market Ownership

• Build a credible OT cyber capability from the ground up

• Win and shape deals across energy, utilities, and critical infrastructure

• Position the business as a serious OT cyber player—not just another advisory shop

Technical Leadership (You Must Be Hands-On)

Lead delivery and design across:

• OT SOC / CDRC (Sentinel, SIEM, detection engineering)
• ATT&CK for ICS, threat hunting, purple teaming
• IEC 62443 segmentation & secure architecture
• PKI and NAC in complex OT environments

Build & Scale

• Create structured offerings clients can buy, prove, and expand

• Establish a Design Build Integrate Operate model that actually works

• Build playbooks, delivery standards, and repeatable IP

Client & Industry Influence

• Advise boards and execs on SOCI, CIRMP, and real-world risk

• Run tabletop exercises, crisis scenarios, and executive briefings

• Be visible—conferences, panels, industry conversations

Team Creation

• Hire and lead serious OT talent (architects, engineers, analysts)

• Mentor and lift capability—not just manage it

• Build a team clients trust in high-stakes environments

What You Need to Bring

Let's not sugar-coat it—this is a high bar role.

You'll likely have:

• 10+ years in cyber, with deep OT/ICS experience

• Delivered real OT security programs, not just slideware

• Built or significantly contributed to:

  • OT SOC / detection capability

  • Segmentation (IEC 62443)

  • PKI / NAC in industrial environments

• Strong understanding of:

  • SCADA, EMS/DMS, PLCs, RTUs, IEDs

  • Australian regulatory landscape (SOCI, CIRMP, AESCSF)

And critically—you can:

• Win work

• Influence senior stakeholders

• Make decisions in ambiguity

• Build something that lasts

What Makes This Different

• You're not inheriting a broken team—you're building it properly from day one

• You're not boxed into pre-defined services—you define the offering

• You're not just delivering—you're owning growth and direction

• You're working on real critical infrastructure challenges, not theoretical frameworks

The Reality Check

This role is not for everyone.

• It's not low-pressure

• It's not purely strategic

• It's not manage and report

It's for someone who wants to step up, take ownership, and leave a mark on the OT cyber landscape in Australia.

Location

Australia (Melbourne or Sydney preferred)

Travel will be part of the role—this is a client-facing leadership position

Interested?

If you're already operating at this level—or know you're ready to—apply now or reach out for a confidential discussion.