Information Security & Cyber Security Officer in London

As part of the CWA (Civil Works Alliance), you will support the building of Sizewell C. Sizewell C will be a 3.2-gigawatt power station generating low‑carbon electricity for around 6 million homes and will play a key role in our energy future, supplying reliable, clean electricity for at least 60 years. This role will be within the CWA Wide Section.

We are recruiting for an Information Security Professional to join the CWA (Civil Works Alliance) and play a critical role in protecting one of the UK's most strategically important infrastructure projects. This is a senior security role where you'll establish and maintain our cyber security posture, safeguard sensitive information and ensure we meet Government standards and client obligations on a landmark nuclear energy project.

As part of the CWA, we are delivering Sizewell C – a 3.2-gigawatt power station generating low‑carbon electricity for around 6 million homes. This role is central to our security framework. You'll be the point of contact for information and cyber security across the Alliance, working at the highest levels to protect our systems, data and operations from evolving threats. You'll deputise for the Information Security Manager, sit on the Information Security and Cyber Security Steering Team, and ensure we comply with Sizewell C Works Information requirements, PAS 1192:2, Cyber Essentials, ISO 27001 and UK GDPR.

What you'll be responsible for:

• Deputize for the Information Security Manager and drive the cyber security agenda across the CWA
• Serve as the single point of contact for all information and cyber security matters relating to the Civil Works Alliance
• Establish, agree and maintain the Alliance Security Posture aligned to ISO 27001 and UK Cyber Essentials frameworks
• Create and input to security principles, standards and execution/management plans
• Schedule and interpret penetration testing results, prioritising and implementing mitigations
• Lead regular vulnerability assessments, identifying and closing security gaps
• Implement and monitor cyber security controls working with the broader security team
• Take on Data Protection Officer duties, assisting process owners with Data Protection impact assessments
• Host regular security meetings with key stakeholders covering incidents, risks and regulatory/threat landscape changes
• Identify and deliver information security training and awareness programs to embed good cyber security practices
• Work closely with the Client, Alliance Partner CISOs, CWA IT team and key supplier security teams
• Stay current with cyber threats, attack vectors and counter‑measures
• Feed security intelligence and risks into the Alliance risk register
• Detect malicious activity and lead rapid response to limit business impact

What are we looking for?

• Security Cleared or able to obtain clearance
• A degree (or equivalent experience) in computer science, cyber security or a related discipline
• Expert in SIEM and logging systems
• Experienced in penetration testing techniques and tooling
• Proficient in vulnerability identification and remediation
• Deeply familiar with ISO 27001 controls, UK GDPR, SANS 20 critical security controls and UK Cyber Essentials
• Strong ability to interpret, manage and lead on cyber security incidents
• Skilled negotiator with excellent influencing capabilities
• Experienced in project and management program
• Customer‑focused with a thorough understanding of business needs
• Strong report writing skills with ability to communicate complex security concepts
• Self‑starter capable of prioritising multiple work streams
• A good blend of IT technologies knowledge to meet the diverse challenges of this role

You will shape cyber security on a project defining Britain's energy future – protecting critical national infrastructure that will supply clean electricity for at least 60 years. You'll work with world‑class teams, influence senior stakeholders including the Client and Alliance Partners, and implement cutting‑edge security practices on a high‑profile, complex program. This is a role where your expertise directly protects national infrastructure and contributes to UK energy security.

If you're an experienced information security professional ready to drive excellence and safeguard a landmark project of genuine national importance, we'd like to hear from you.

What we will offer you?

The CWA is a single delivery organisation made of the client (Sizewell C) and three parent companies – Balfour Beatty, Bouygues and Laing O'Rourke – which offer industry leading packages including market leading salaries, generous annual leave entitlements, pension scheme and other flexible benefits.

We encourage applications from all suitably qualified candidates, regardless of gender, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity.