Regulatory Security Assurance Senior

Ofgem

United Kingdom | 27 days ago

    Job Details
    Category: I.T. & Communications
    Posted 27 days ago

    Provide leadership on assurance and drive down the risk of cyber-attacks on essential services.

    As the UK's regulator for the energy industry, Ofgem works on behalf of energy consumers to ensure that every household and business in the UK can rely on a safe and environmentally sustainable energy supply. Protecting the resilience of the UK national downstream gas and electricity sector infrastructure is key to this goal. That's why we work hard to ensure that operational systems and networks in the energy sector are able to resist cyber and related security threats.

    Inspection and enforcement play a vital role in this process, helping operators of essential services to improve cyber resilience and protect the energy supply. Joining a multidisciplinary team as a Regulatory Security Senior, you'll provide cyber assurance relating to Great Britain's national energy infrastructure. You'll provide advice and guidance to the DGE sector on compliance with the NIS regulations and ensure that compliance through inspections, audits and testing in line with the NIS regulations.

    You'll bring expertise in cyber security, evidenced through an appropriate professional qualification such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, GICSP or ISA/IEC 62443 Cybersecurity Expert. In-depth understanding of cyber risk assessments and methodologies in relation to operational technology (OT) and IT of Critical National Infrastructure environments is essential. You will also be familiar with applying controls across people, process and technology to mitigate risk. Proven experience of inspecting, auditing, or testing within an information security role is important, while client-facing experience, including strong negotiation, advisory and coaching skills, will be essential to your success.

    Ofgem relies on having a workforce that reflects the society we serve, so we welcome candidates from all backgrounds, and especially those from underrepresented groups. While this is a full-time role, flexible working patterns and job shares are welcome. We will also support you with excellent training and development opportunities, plus a competitive benefits package.

    Location: home-based (with travel required for site inspections)

    Job Description

    This role will be part of the Cyber Security Directorate at Ofgem, which acts as Joint Competent Authority (CA) for The Security of Network & Information Systems Regulations (NIS) and the Authority for the Smart Energy Code (SEC). The team is focused on compliance and enforcement, as well as assisting operators in improving the cyber resilience posture in the Downstream Gas and Electricity (DGE) sector in order to protect consumers' energy supply.

    Purpose: Operate as a Senior Cyber Assurance Lead, providing cyber assurance across Operators of Essential Services (OES) with high strategic impact to GB critical national infrastructure.

    Key Responsibilities, Outputs and Deliverables

    • Provide advice and guidance to the DGE sector on compliance with the NIS regulations, ensuring through inspections, audits and testing that OES maintain compliance.
    • Deliver a set of inspections and audits in line with the NIS regulations.
    • Write and maintain high-quality inspection and audit reports, providing analysis and outcomes.
    • Provide scrutiny of audit reports, assessment reports, improvement plans and incident reports.
    • Record outputs and decisions from inspections, audits and meetings, including any incidents, which may form part of an enforcement process.
    • Escalate non-compliances and offer advice to support a balanced penalty process.
    • Effectively communicate recommendations to the Advisory, Standards and Enforcement teams based on sound judgement and understand and use regulatory tools to drive improvements.
    • Support the assurance programme and projects in developing, drafting and/or reviewing frameworks, policies, guidance, procedures, and risk assessments where necessary for Ofgem to operate as Competent Authority.
    • Ensure alignment with government and industry objectives and standards, and liaise with senior stakeholders on how these can be met.

    Person Specification

    • Qualification in cyber security, evidenced through an appropriate professional qualification such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, GICSP, ISA/IEC 62443 Cybersecurity Expert, relevant degree, or equivalent.
    • Experience of the following criteria that can be demonstrated by proven record of high performance and substantial achievements in past positions:
      • Proven experience in understanding cyber risk assessments and methodologies in relation to OT and IT of Critical National Infrastructure environments, and the application of appropriate and proportionate controls across people, process, and technology to mitigate risk.
      • Proven client-facing experience with strong negotiation, advising and coaching skills across a wide range of cyber security best practices, cyber risk assessment and cyber regulation.
      • Experience of international standards and frameworks (cyber, information security or similar).
      • Proven experience of inspecting, auditing, or testing within an information security role.
    • Extensive experience working collaboratively with diverse colleagues.
    • Have experience in the process of developing and managing a range of options and decisions that aligns with your organisation's priorities.
    • Able to achieve and maintain SC clearance.

    Qualifications

    Qualification in cyber security, evidenced through an appropriate professional qualification such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, GICSP, ISA/IEC 62443 Cybersecurity Expert, relevant degree, or equivalent.

    Apply before 11:55 pm on Monday 14th November 2022
