Security Compliance Officer - ESO

About the Role

The UK has set out its ambition to be net zero by 2050 and the energy industry is responding – together we are building a cleaner, greener Britain.

As we grow the security team here at ESO, we are now looking for Policy and Standards leadership, joining the Governance function of a rapidly expanding & high-functioning team.   

You will play a pivotal role in ensuring the robustness and effectiveness of our organisation's security posture. You will be responsible for developing, implementing, and maintaining comprehensive cyber, physical and personnel security policies, standards, and frameworks in alignment with industry best practices and regulatory requirements. Your expertise will be crucial in safeguarding our assets, maintaining regulatory compliance, and mitigating security risks. 

This role can be based from Wokingham or Warwick, and we continue to offer hybrid working from office and home.

About Us

As Great Britain’s electricity system operator (ESO), we sit at the heart of the electricity system, using our outstanding engineering and commercial expertise to balance electricity supply and demand. Ultimately, we keep the electricity flowing directly to where it’s needed, second by second.

Becoming the Future System Operator
In 2021, government and Ofgem jointly consulted on proposals for an expert, impartial Future System Operator (FSO) with responsibilities across both the electricity and gas systems, to drive progress towards net zero while maintaining energy security and minimising costs for consumers. In October 2023, the Energy Act 2023 was passed, legislating for this Future System Operator to be created.  

The ESO, including all of its existing roles, will be at the heart of the new Future System Operator. We will be taking on additional roles across vectors and sectors to create an organisation with a whole energy system mindset; enabling us to identify solutions to our energy system that are more sustainable, secure, and affordable for all.  

The FSO will be set up as a public corporation with operational independence from government – bringing parties together to support optimised decision making and action. As now, it will be licenced and regulated by Ofgem through price control agreements. It is anticipated that the new organisation will be up and running in 2024.

The time to act on climate change is now. As part of our team, you won’t just be touching the lives of almost everyone in Great Britain – you’ll be shaping the way we use and consume energy for generations to come.

Key Accountabilities

• Ensure that ESO fulfils all applicable legal rules and regulations relating to cyber, personnel and physical security. 
• Remain up to date on regulations and legislations relevant to ESO and ensure policies are updated accordingly.
• Develop and implement security policies, standards and procedures to ensure compliance with applicable legal and regulatory requirements.
• Collaborate with cross-functional teams to identify, assess and mitigate security compliance risks.  Ensure that relevant evidence is available and kept up to date.
• Communicate compliance requirements with the business and external stakeholders, be first port of call for Security Compliance questions.
• Provide training content to support training and awareness of compliance requirements across ESO
• Perform security assessments and compliance testing across complex IT systems to determine compliance status and maturity.
• Prepare for, facilitate and co-ordinate all Security compliance inspections and audits, directing 3rd party support where required.  
• Record regulatory/compliance breaches or incidents, ensuring appropriate records are maintained and lessons learned with corrective actions implemented to prevent future problems.
• Provide improvement planning for relevant compliance requirements and implement and monitor processes to support those requirements.
• Manage and coordinate the completion of all regulatory submissions on behalf of the Security function.
• Determine compliance metrics and establish a system for tracking them, escalating major issues and/or highlighting where trends exist.
• Provide periodic reports to the Head of GRC and CISO on compliance activities, status and outputs.
• Contribute to the continual improvement of ESO's Control Framework to meet evolving needs and industry standards.

About You

• Excellent understanding of the Network and Information Systems Regulations (NISR).
• Experience working with frameworks/standards such as ISO27001, NIST 800-53, and NCSC CAF.
• CISA, CISM, CISSP or other relevant security certifications.
• Numerous years of relevant work experience in cyber security, risk advisory, or internal audit.
• Experience with GDPR, and other relevant regulations for energy organisations in the UK and Europe. 
• Excellent written and verbal communication and presentation skills.
• Ability to identify opportunities for business efficiency, develop and implement internal systems and controls. 
• Excellent problem-solving skills, including the ability to resolve complex issues and devise actionable solutions.
• Ability to compile, analyse and interpret management information and data to facilitate decision making.
• An inclusive approach that creates belonging, builds trust and promotes innovation. 

What You'll Get

A competitive salary between £60,000 – 80,000 – dependent on experience and capability.

As well as your base salary, you will receive a bonus of up to 15% of your salary for stretch performance, 28 days annual leave as standard, and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.

You will also have access to a comprehensive benefits package tailored to support your well-being and professional success. From a competitive salary to flexible work arrangements, we promote your work-life balance. Enjoy fit for purpose wellbeing and lifestyle offerings, ongoing skill development aligned to our Purpose and Values, and be part of a supportive community that values your individuality and where you can belong.

More Information

This role closes on 11/06/2024 at 23:59, however we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary.

We work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office. 

We're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.

#LI-BO1

#LI-HYBRID