OTSN Cyber Risk Assessment Lead
Warwick, GB, CV34 6DA
Full Time Senior-level / Expert GBP 60K - 70K
National Grid
We are one of the world’s largest investor-owned energy companies, committed to delivering electricity and gas safely, reliably and efficiently to the customers and communities we serve.About the role
National Grid Electricity Transmission (ET) is at the heart of energy in the UK. The electricity we provide gets the nation to work, powers schools and brings energy to life. Our energy network connects the nation, so it is essential that it is continually evolving, advancing, and improving.
In ET we are passionate about both operating our network safely and providing highly reliable quality of supply for our customers. At the heart of achieving these outcomes is the effective control and operation of our network.
As our lead security risk analyst, you’ll drive the strategic direction for the system level risk identification, management, and review for one of ET’s most critical networks – the Operational Technology Services Network (OTSN).
As a key member in the Governance, Risk and Compliance section of the OTSN team, you will work closely with the Network Lifecycle team to develop the governance framework, supporting the creation of policies, frameworks, and specifications to understand and manage security risk in the OTSN environment.
Providing expert technical support for the risk assessment of vulnerabilities and deviations from the target state, you’ll agree mitigating actions to reduce risk. You will manage the OTSN risk registers and support the business to understand physical & cyber security threats through appropriate reporting and communication of current risks and vulnerabilities.
This role is based at our office Warwick for 2 days of the week and can be combined with hybrid working from home.
What you'll need
You’ll have a technical understanding of the LAN / WAN Networks and Operational Technology, as well as a detailed understanding of how security risks can manifest within networks, devices, and systems.
With relevant experience of managing a risk framework for a critical system including experience of leading a team of specialist risk analysts, you’ll have experience of using and developing decision making frameworks and tools that support the business in making economic assessments (NPV, CBA) and whole life value asset assessments (WLV).
Familiarity with international standards related to cyber security including IEC 62443 / ISO27019 is key as is a relevant security risk qualification (e.g. CRISC, FAIR). A good appreciation of the NIST CSF and audit processes is desirable and ideally you will have an appreciation of asset management principles.
You will have strong data analytical skills and excellent written and communication skills with the ability to interface comfortably with senior stakeholders. With well-developed investigative and problem-solving skills, you’ll find new ways to secure this critical network is intuitive.
What's in it for you?
A competitive salary of £60,000 – £70,000 per annum
- Annual Performance Based Bonus
- 37-hour week, with Hybrid working model between Home and Office
- 26 days annual leave, plus eight statutory days
- The option to buy additional or sell holiday days.
- Generous contributory pension scheme - we will double-match your contribution to a maximum company contribution of 12%
- Financial support to help cover the cost of professional membership subscriptions, course fees, books, exam fees and time off for study leave – so long as it is relevant to your role.
- Access to several flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.
- Family care benefits including a back-up care service for when your usual care arrangements fall through (six paid days each year as standard with the option to purchase further days)
- Access to numerous apps which support health, fitness and wellbeing.
More Information
This role closes at midnight on 29th April 2024, however, we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary.
Don’t meet every single requirement? Studies have shown that women and people of colour are less likely to apply for jobs unless they meet every single qualification. At National Grid, we are committed to building a diverse, inclusive, and authentic workplace for everyone. So, if you are excited about this role but your experience or qualifications do not match the job description exactly, we encourage you to apply anyway. You might just be the right person for our growing business in this role or another one.
#LI-NB1
At National Grid, we work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.
Our goal is to drive, develop and operate our business in a way that results in a more inclusive culture. All employment is decided on the basis of qualifications, the innovation from diverse teams & perspectives and business need. We are committed to building a workforce so we can represent the communities we serve and have a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.
Tags: Compliance CRISC Governance IEC 62443 NIST Risk assessment Vulnerabilities
Perks/benefits: Competitive pay Flex hours Flex vacation Health care Salary bonus
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs