Cyber Security Risk Specialist

UK Power Networks
This is a Permanent job.
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office, with a competitive salary of up to £75,000.00 plus a 7.5% bonus.
Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk and Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations.
Responsibilities
Conducting cyber security risk assessments using the UK Power Networks framework
Identifying, tracking, and remediating control environment risks
Ensuring third-party risks are also addressed
Producing management information and regulatory submissions
Maintaining compliance with major standards like ISO 27001/27002
Providing assurance for policy compliance
Establishing robust GRC policies and procedures
Developing the IT controls framework
Supporting business continuity and disaster recovery planning
Operating and improving our information security management system
Ensuring ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code
Supporting technical implementation of GRC tools
Qualifications
We are looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous.
Benefits
25 days of annual leave plus bank holidays
Reservist leave
A generous pension plan
Tenancy loan deposit and season ticket schemes
Tax-efficient benefits
Health support
Retail discounts
An employee assistance programme
We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level.
If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career - your expertise could make all the difference.
Closing date: 28/09/2025