Senior Cyber Security Consultant

hackajob is a matching platform partnering with Scottish Power, helping them hire the best talent and build the future. To get the chance to get matched to this role and other similar roles, click on Apply.

About

Scottish Power is embarking on a Cyber Security Transformation Programme. They’re looking for a subject matter expert to manage the delivery Scottish Power’s cyber security strategy across all Scottish Power businesses. The Senior Cyber Security Consultant will define and deliver programmes and initiatives aligning to our cyber security strategy.

What you’ll be doing

As the Senior Cyber Security Consultant, you’ll design the cyber security strategy, aligning it to their business objectives. Looking at the current cyber security capabilities across Scottish Power, you’ll identify gaps and manage initiatives across all their businesses to drive improvements.

You'll bridge the gap between technical and non-technical people, articulating complex risks, assessing emerging threats, and establishing strategies for delivering and enhancing security controls.

You'll define and deliver programmes and initiatives, continuously improving cyber security, championing staff development, encouraging learning, and identifying areas where capabilities need to be improved.

Collaboration is key within this role – working with colleagues across all Scottish Power businesses to build strong relationships, providing subject matter expertise in all aspects of cyber security.

You'll support the definition, delivery and implementation of programmes delivering compliance with regulatory requirements such as NIS, GDPR, ISO27001, SMART, etc.

What you’ll bring

* Highly specialised technical knowledge and experience of cyber security as evidenced by relevant industry qualifications (e.g. GICSP, GCIP, CISSP, CISM).

* Specialised knowledge of the Network & Information Systems (NIS) regulation and how it is implemented in the UK energy sector.

* Expert knowledge in cyber security frameworks and standards as well as a deep understanding of cyber security regulations as they apply to a UK energy supplier.

* Specialist knowledge of assessing cyber security risks.

* Significant experience in assessing technical designs across multiple IT/OT disciplines and defining appropriate security controls.

* Knowledge and understanding of cybersecurity threats and associated attack techniques.

* Analysis and management of risks and cybersecurity controls. Standards and methodologies: ISO 27000, NIST, SANS CSC, etc.

* Knowledge of application security and associated standards.

What’s in it for you?

* Annual Leave beyond the statutory entitlement of 31 days

* Enhanced maternity and adoption leave

* Enhanced annual leave

* Caring and development breaks

* Pension scheme

* ScottishPower Share Incentive Plan (SIP)

* Access to ‘nudge’ financial wellbeing support

* Life Assurance

* Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments

* Electric Vehicle Schemes – to help you transition to green/clean driving

* Cycle to Work scheme and public transport season ticket loans

* Technology Vouchers – save more and spread the cost of your technology purposes

* Holiday purchase – perfect your work/life balance with extra annual leave

* Payroll giving and charity matched funding

This role will be a hybrid one, with 1 day per month at the office in Glasgow, UK