Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead a team to manage Cyber Assurance Reviews and ensure compliance across ScottishPower.
- Company: ScottishPower is a leader in renewable energy, part of the Iberdrola Group.
- Benefits: Enjoy hybrid working, 36 days annual leave, and a competitive salary with bonuses.
- Other info: Diversity and inclusion are core values; we support candidates with disabilities.
- Why this job: Join a transformative Cyber Security programme and make a real impact on energy sustainability.
- Qualifications: Expertise in Cyber Security with relevant qualifications like CISSP or CISM required.
The predicted salary is between 65500 - 82000 £ per year.
Cyber Assurance and Compliance Manager
Glasgow
Salary: £65,500-£82,000 benefits (20% bonus, car allowance & private healthcare)
Hybrid working, Permanent
Help us create a better future, quicker
Scottish Power is embarking on a Cyber Security Transformation Programme. We\’re looking for a subject matter expert to define, implement, and manage the Cyber Security Assurance Model, designed to validate both our risk and compliance positions across ScottishPower (including the NIS Regulation).
What you\’ll be doing
This role leads a team to deliver a defined list of Cyber Assurance Reviews, Programs, and Initiatives as well as the Cyber Assurance and Compliance related objectives contributing to the ScottishPower Cyber Security Strategy.
Sitting within the 2nd Line of defence, you\’ll lead and support the business, managing risk and compliance positions effectively. Providing Senior Leaders with independent assurance of their cyber risk and regulatory compliance posture.
The role will work collaboratively with 1st Line Cyber Teams to ensure Business Assurance plans are known and the requirements of 2nd Line are understood.
This role is key in helping to define the Cyber Security strategy.
Things you\’ll be working on
You\’ll establish an Enterprise Cyber Assurance Plan, delivering assurance outcomes to the Senior Leadership team.
You\’ll provide annual assurance on the current compliance position, managing across key stakeholders, before delivering/reporting the outcome to the relevant Governance Committee.
In addition, you\’ll make sure any 3rd Party due diligence methods are adequate and fit for purposes, owning the end-to-end 3rd Party Risk Management Process, and making sure processes (Onboarding, Ongoing and Offboarding) are defined, implemented, managed, and monitored.
You\’ll build and maintain strong relationships with Global and Local Colleagues.
What you\’ll bring
- Highly specialised knowledge and experience of Cyber Security as evidenced by relevant industry qualifications (e.g. GICSP, CISSP, CISM)
- Experience of developing and leading Cyber Security Assurance Programs, with previous Security Management experience in a global organisation preferred.
- Expert knowledge in cyber security frameworks and standards
- Significant experience in defining, developing and delivering cyber security risk strategies and programs.
- Specialist knowledge of risk assessing cyber security risks
- Awareness of key legislation and regulation impacting the delivery of IT and OT Cyber Security in an energy utility.
- Experienced in developing and communicating Cyber Security Risk Strategies.
What\’s in it for you
As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we\’ll double match your contribution up to a company contribution of 10%.
At ScottishPower, we believe it\’s the little things we do in life that make a big difference. From helping you look after your family\’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that – so that you have everything you need to take care of your world – today and tomorrow. That\’s why our benefits include:
- 36 days annual leave
- Holiday purchase – perfect your work/life balance with extra annual leave
- Share Incentive Plan and Sharesave Scheme
- Payroll giving and charity matched funding
- Technology Vouchers – save more and spread the cost of your technology purposes
- Count us in – pledge to reduce carbon emissions and help fight climate change
- Electric Vehicle Schemes – to help you transition to green/clean driving
- Cycle to Work scheme and public transport season ticket loans
- Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments
- Life Assurance (4x salary)
- Access to \’nudge\’ financial wellbeing support
- Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more
Why ScottishPower
ScottishPower is part of the Iberdrola Group, one of the world\’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we\’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.
Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you\’ll fit right in.
ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support.
Mobility
Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.
IMPORTANT
Advert will close at 23:59 GMT the day before Job Posting End Date below
August-2-2025
- Leeds, UK; Glasgow, UK; Edinburgh, UK; Greater Manchester, UK
- We prioritise your well-being with a comprehensive range of benefits designed to support you both personally and professionally.
- Competitive salary and a broad range of employee benefits
- Leeds, UK; Glasgow, UK; Edinburgh, UK; Greater Manchester, UK
- We prioritise your well-being with a comprehensive range of benefits designed to support you both personally and professionally.
- Competitive salary and a broad range of employee benefits
#J-18808-Ljbffr
Cyber Assurance + Compliance Mgr employer: Iberdrola
Contact Detail:
Iberdrola Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Assurance + Compliance Mgr
✨Tip Number 1
Familiarise yourself with the specific cyber security frameworks and standards mentioned in the job description. Being able to discuss these in detail during your interview will demonstrate your expertise and alignment with the role.
✨Tip Number 2
Network with professionals in the cyber security field, especially those who have experience in energy utilities. Engaging with them can provide insights into the industry and may even lead to referrals or recommendations for the position.
✨Tip Number 3
Prepare to discuss your previous experience in developing and leading Cyber Security Assurance Programs. Be ready to share specific examples of how you managed risk and compliance, as this will be crucial in showcasing your fit for the role.
✨Tip Number 4
Research ScottishPower's current initiatives and challenges in cyber security. Understanding their Cyber Security Transformation Programme will allow you to tailor your responses and show that you're genuinely interested in contributing to their goals.
We think you need these skills to ace Cyber Assurance + Compliance Mgr
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in Cyber Security and Compliance. Use keywords from the job description, such as 'Cyber Assurance', 'risk management', and specific qualifications like GICSP or CISSP.
Craft a Compelling Cover Letter: In your cover letter, explain why you are passionate about Cyber Security and how your background aligns with ScottishPower's goals. Mention specific projects or achievements that demonstrate your expertise in developing Cyber Security Assurance Programs.
Showcase Relevant Qualifications: List any industry qualifications prominently in your application. Highlight your experience with cyber security frameworks and legislation, as these are crucial for the role.
Prepare for Potential Questions: Think about how you would answer questions related to risk assessment and compliance strategies. Be ready to discuss your previous experiences and how they relate to the responsibilities outlined in the job description.
How to prepare for a job interview at Iberdrola
✨Showcase Your Expertise
Make sure to highlight your specialised knowledge in Cyber Security. Bring up relevant industry qualifications like GICSP, CISSP, or CISM during the interview to demonstrate your credibility and expertise.
✨Understand the Cyber Assurance Model
Familiarise yourself with the Cyber Security Assurance Model that ScottishPower is implementing. Be prepared to discuss how you would define, implement, and manage this model effectively.
✨Prepare for Scenario-Based Questions
Expect questions that assess your experience in developing and leading Cyber Security Assurance Programs. Prepare specific examples from your past roles that showcase your ability to manage risk and compliance effectively.
✨Emphasise Collaboration Skills
Since the role involves working closely with various teams, be ready to discuss your experience in building strong relationships with stakeholders. Highlight any previous collaborative projects that demonstrate your teamwork skills.