At a Glance
- Tasks: Lead assurance activities to enhance cyber resilience in a dynamic global team.
- Company: Join ScottishPower, a leader in renewable energy and innovation.
- Benefits: Enjoy competitive salary, generous leave, and wellness perks.
- Other info: Be part of a diverse team committed to sustainability and community.
- Why this job: Make a real impact on security and compliance in a transformative role.
- Qualifications: Strong expertise in IT/OT environments and assurance functions required.
The predicted salary is between 59000 - 74000 £ per year.
Location: Glasgow
Salary: £59-74K (plus up to 15% bonus, private healthcare and up to 15% pension)
Permanent, Hybrid (2-3 days in the office)
Help us create a better future, quicker. We’re looking for an experienced Audit and Assurance Lead to play a pivotal role within a dynamic and ambitious global cyber security function. This position sits at the heart of ensuring cyber resilience across both Operational Technology (OT) and Information Technology (IT), contributing to the safe and reliable supply of electricity to customers.
What you’ll be doing
In this role, you will be responsible for planning and delivering assurance activities, while clearly communicating outcomes and insights to senior leadership. Working closely with the Governance and Compliance Manager as part of a wider Cyber Risk function, you will support all aspects of OT audit and assurance. You will support the identification and interpretation of key industry standards and regulatory requirements - particularly IEC 62443 and the Enhanced Cyber Assessment Framework - to ensure the organisation continues to reduce risk and safeguard its critical systems.
You will play a key role in developing, maintaining and evaluating security policies and procedures, collaborating with engineering and operations teams to ensure that controls align with both internal expectations and external obligations. Alongside this, you will manage audit findings, follow up on remediation activity and contribute to continuous improvement in security practices. The role also offers the opportunity to research and apply emerging techniques and engage across industries to bring best practice into the organisation.
As part of a broader security transformation programme running through to 2027, you will support efforts to reduce risk, achieve compliance with NIS regulations and strengthen overall cyber resilience. Your work will directly contribute to shaping a more secure and forward-looking organisation.
This role will involve consulting with senior stakeholders to provide guidance on risk management, security controls and compliance. You will plan assurance activities based on organisational risk and strategic priorities, assess the effectiveness of key controls and provide independent reporting on the organisation’s risk posture. You will also contribute to performance reporting through KPIs, KRIs and KCIs, monitor changes in the regulatory and threat landscape, and ensure risk assessments are conducted in line with defined methodologies.
Working within established governance frameworks, you will support a range of risk and compliance activities, including NIS CAF reporting, risk assessments and the analysis of security requirements. You will provide clear, proportionate advice to stakeholders, helping them make informed decisions and validating the effectiveness of risk mitigation measures across the business.
What you’ll bring
The ideal candidate will bring strong expertise in IT and OT environments, with a deep technical understanding of how controls are designed and operate in practice. Experience within assurance or internal audit functions, along with familiarity with industry frameworks and standards, will be key. You will be comfortable operating at both a strategic and tactical level, building relationships across global teams and communicating complex ideas in a clear and accessible way.
This is an opportunity to join a forward-thinking organisation undergoing significant transformation, where your expertise will have a tangible impact on security, compliance and operational resilience.
What’s in it for you
As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%.
At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that - so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include:
- 36 days annual leave
- Holiday purchase – perfect your work/life balance with extra annual leave
- Share Incentive Plan and Sharesave Scheme
- Payroll giving and charity matched funding
- Technology Vouchers – save more and spread the cost of your technology purchases
- Count us in – pledge to reduce carbon emissions and help fight climate change
- Electric Vehicle Schemes – to help you transition to green/clean driving
- Cycle to Work scheme and public transport season ticket loans
- Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments
- Life Assurance (4x salary)
- Access to ‘nudge’ financial wellbeing support
- Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more
Why ScottishPower
ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.
Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in.
ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to careers@scottishpower.com.
Mobility
Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.
IMPORTANT
Advert will close at 23:59 GMT the day before Job Posting End Date below June-11-2026
Audit & Assurance Lead in Glasgow employer: Iberdrola Group
ScottishPower is an exceptional employer, offering a competitive salary and a comprehensive benefits package that includes generous annual leave, a robust pension scheme, and support for personal wellbeing. With a strong commitment to employee growth and a culture of inclusion and diversity, you will thrive in a forward-thinking environment that values your contributions to shaping a sustainable future in the energy sector. Located in Glasgow, this role provides the unique opportunity to be part of a global leader in renewable energy, where your expertise will directly impact the organisation's journey towards Net Zero.
StudySmarter Expert Advice🤫
We think this is how you could land Audit & Assurance Lead in Glasgow
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect on LinkedIn. The more people you know, the better your chances of landing that Audit & Assurance Lead role.
✨Tip Number 2
Prepare for interviews by researching the company and its values. Understand their approach to cyber resilience and be ready to discuss how your experience aligns with their goals. Show them you’re not just another candidate!
✨Tip Number 3
Practice your communication skills! You’ll need to convey complex ideas clearly, especially when consulting with senior stakeholders. Mock interviews can help you nail this down before the real deal.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, it shows you’re genuinely interested in being part of our team at ScottishPower.
We think you need these skills to ace Audit & Assurance Lead in Glasgow
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Audit & Assurance Lead role. Highlight your experience in IT and OT environments, and don’t forget to mention any familiarity with industry frameworks like IEC 62443. We want to see how your skills align with what we’re looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about cyber resilience and how your expertise can contribute to our mission. Keep it concise but impactful – we love a good story that connects your experience to our goals.
Showcase Your Communication Skills:In this role, you’ll be consulting with senior stakeholders, so it’s crucial to demonstrate your ability to communicate complex ideas clearly. Use your application to showcase examples of how you’ve effectively communicated insights or outcomes in previous roles.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, you’ll find all the details you need about the role and our company culture there!
How to prepare for a job interview at Iberdrola Group
✨Know Your Standards
Familiarise yourself with key industry standards like IEC 62443 and the Enhanced Cyber Assessment Framework. Being able to discuss these frameworks confidently will show that you understand the regulatory landscape and can effectively contribute to the organisation's compliance efforts.
✨Communicate Clearly
Practice articulating complex ideas in a straightforward manner. Since you'll be consulting with senior stakeholders, being able to break down technical jargon into accessible language is crucial. Consider doing mock interviews with friends or colleagues to refine your communication skills.
✨Showcase Your Experience
Prepare specific examples from your past roles that demonstrate your expertise in IT and OT environments. Highlight your experience in assurance or internal audit functions, and be ready to discuss how you've successfully managed audit findings and contributed to continuous improvement.
✨Engage with the Company’s Vision
Research ScottishPower’s commitment to renewable energy and their journey towards Net Zero. Showing genuine interest in their mission and values during the interview will help you connect with the interviewers and demonstrate that you're aligned with their goals.
