Information Security & Cyber Security Officer

Help Shape the UK’s Energy Future. Opportunity with the Civil Works Alliance (CWA), Supporting Sizewell C.

As part of the CWA (Civil Works Alliance), you will support the building of Sizewell C. Sizewell C will be a 3.2-gigawatt power station generating low-carbon electricity for around 6 million homes and will play a key role in our energy future, supplying reliable, clean electricity for at least 60 years. This role will be within the CWA Wide Section.

What will you do?

We are recruiting for an Information Security Professional to join the CWA (Civil Works Alliance) and play a critical role in protecting one of the UK's most strategically important infrastructure projects. This is a senior security role where you'll establish and maintain our cyber security posture, safeguard sensitive information and ensure we meet Government standards and client obligations on a landmark nuclear energy project.

About the opportunity

As part of the CWA, we are delivering Sizewell C – a 3.2-gigawatt power station generating low-carbon electricity for around 6 million homes. This role is central to our security framework. You'll be the point of contact for information and cyber security across the Alliance, working at the highest levels to protect our systems, data and operations from evolving threats. You'll deputise for the Information Security Manager, sit on the Information Security and Cyber Security Steering Team, and ensure we comply with Sizewell C Works Information requirements, PAS 1192:2, Cyber Essentials, ISO 27001 and UK GDPR.

What you'll be responsible for:

• Deputize for the Information Security Manager and drive the cyber security agenda across the CWA.
• Serve as the single point of contact for all information and cyber security matters relating to the Civil Works Alliance.
• Establish, agree and maintain the Alliance Security Posture aligned to ISO 27001 and UK Cyber Essentials frameworks.
• Create and input to security principles, standards and execution/management plans.
• Schedule and interpret penetration testing results, prioritizing and implementing mitigations.
• Lead regular vulnerability assessments, identifying and closing security gaps.
• Implement and monitor cyber security controls working with the broader security team.
• Take on Data Protection Officer duties, assisting process owners with Data Protection impact assessments.
• Host regular security meetings with key stakeholders covering incidents, risks and regulatory/threat landscape changes.
• Identify and deliver information security training and awareness programs to embed good cyber security practices.
• Work closely with the Client, Alliance Partner CISOs, CWA IT team and key supplier security teams.
• Stay current with cyber threats, attack vectors and counter-measures.
• Feed security intelligence and risks into the Alliance risk register.
• Detect malicious activity and lead rapid response to limit business impact.

What are we looking for?

Who you are:

• Security Cleared or able to obtain clearance.
• A degree (or equivalent experience) in computer science, cyber security or a related discipline.
• Expert in SIEM and logging systems.
• Experienced in penetration testing techniques and tooling.
• Proficient in vulnerability identification and remediation.
• Deeply familiar with ISO 27001 controls, UK GDPR, SANS 20 critical security controls and UK Cyber Essentials.
• Strong ability to interpret, manage and lead on cyber security incidents.
• Skilled negotiator with excellent influencing capabilities.
• Experienced in project and management program.
• Customer-focused with a thorough understanding of business needs.
• Strong report writing skills with ability to communicate complex security concepts.
• Self-starter capable of prioritizing multiple work streams.
• A good blend of IT technologies knowledge to meet the diverse challenges of this role.

Why join us?

You’ll shape cyber security on a project defining Britain’s energy future – protecting critical national infrastructure that will supply clean electricity for at least 60 years. You’ll work with world-class teams, influence senior stakeholders including the Client and Alliance Partners, and implement cutting-edge security practices on a high-profile, complex program. This is a role where your expertise directly protects national infrastructure and contributes to UK energy security.

If you’re an experienced information security professional ready to drive excellence and safeguard a landmark project of genuine national importance, we’d like to hear from you.

What we will offer you?

The CWA is a single delivery organisation made up of the client (Sizewell C) and three parent companies - Balfour Beatty, Bouygues and Laing O’Rourke - which offer industry leading packages including market leading salaries, generous annual leave entitlements, pension scheme and other flexible benefits.

About Us

The CWA celebrates the creativity and innovation that comes from a diverse workforce, and we welcome applications from people of all backgrounds – especially those from under-represented communities. Our project is built on five core values: Humility, Positivity, Respect, Solidarity, and Clarity. By joining us, you’ll be encouraged to bring your whole self to work, speak up, and share your ideas. We encourage applications from all suitably qualified candidates, regardless of gender, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity.

We are committed to protecting your privacy. If you decide to apply, please avoid including sensitive personal data in your CV.