Access and Management Lead

Location: Glasgow or Prenton

Salary: £53-66K

Hybrid working, Permanent

Help us create a better future, quicker. SP Energy Networks (SPEN) has kicked off an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations and deliver a cyber resilient business. The Access Management Lead will be essential in achieving our goals. The programme of work has kicked off and is planned to deliver through to 2025. This role will play a critical role in the delivery of a central Access capability to support the secure access to and protection of the organisation's applications and data by staff and partners/suppliers.

The Access Management Lead integrates into an active and ambitious global cyber security function, contributing to SPEN’s cyber security purpose of delivering cyber resilient OT and IT, to enable a safe and reliable electricity supply to customers. Additionally, this role will be expected to research new and specialist techniques, work cross industry, and help to shape SPEN's OT LAB.

What you’ll be doing:

• Design and deliver the Access Management (IdAM) mechanisms and policies for IT/OT systems.
• Design and deliver a service to configure authentication and authorisation for access to IT/OT systems (including user login and application access).
• Perform Access Management (IAM) reviews including user accesses, device and application accesses, privileged access, and wireless access; to ensure that all users have the correct roles and access permissions assigned.
• Ensure that the IdAM configurations are compliant with NIS-D and internal security standards and implement a service to manage the domain controller configuration.
• Deliver and maintain Access Management solutions.
• Maintain the Joiners, Movers and Leavers process and document any changes to the function of each employee.
• Provide a support role as part of the regular NIS Cyber Assessment framework (CAF) compliance and regular reporting requirements.
• Support the Security Operations Manager on all response and recovery activities related to IAM.
• Provide expert input into the following areas: Access Management (IdAM) Design, Authentication and Authorisation Configuration (Competency based IdAM), Access Management (IdAM) Review, (IdAM) Administration, Personnel Security Assessment, Privileged Access Management, Remote Access Security Design, Remote Access Security Configuration.

What you’ll bring:

• Extensive experience in Access Management (IdAM) within an operational technology or systems environment.
• A track record of successfully delivering similar services in a complex, regulated enterprise.
• Experience of working with Stakeholders and third parties.
• Knowledge of the requirements of IEC 62443, NIS-D, least privileges and need-to-know principles.
• Experience of NIS compliance requirements associated with Access Management (IdAM) and solutions to mitigate risks.
• Global perspective, multi-cultural understanding, and approach.
• Knowledge of the requirements of IEC 62443, NIS-D, least privileges and need-to-know principles (but not essential).

What’s in it for you:

• 36 days annual leave.
• Holiday purchase – perfect your work/life balance with extra annual leave.
• Share Incentive Plan and Sharesave Scheme.
• Payroll giving and charity matched funding.
• Technology Vouchers – save more and spread the cost of your technology purchases.
• Count us in – pledge to reduce carbon emissions and help fight climate change.
• Electric Vehicle Schemes – to help you transition to green/clean driving.
• Cycle to Work scheme and public transport season ticket loans.
• Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments.
• Life Assurance (4x salary).
• Access to ‘nudge’ financial wellbeing support.
• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more.

Why SP Energy Networks:

SP Energy Networks is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. We keep electricity flowing to homes and businesses through Central and Southern Scotland, North Wales and in the North West of England. We operate over 4000km of cables and lines that make up the transmission network – connecting infrastructure like wind farms into the electricity system. It’s a role that puts us right at the heart of Scotland’s ambition to be Net Zero by 2044. And we’re taking it very seriously. We’re investing >£5.5 billion into our transmission network, directly supporting the rapid growth needed in renewable energy. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation. Diversity and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve.

We are committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require related support. If you need support, please reach out to careers@scottishpower.com.

Mobility: Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary immigration requirements.

IMPORTANT: Advert will close at 23:59 GMT the day before Job Posting End Date below June-9-2025.