Audit & Assurance Lead in Glasgow

Location: Glasgow

Salary: £59-74K (plus up to 15% bonus, private healthcare and up to 15% pension)

Permanent, Hybrid (2-3 days in the office)

Help us create a better future, quicker. We’re looking for an experienced Audit and Assurance Lead to play a pivotal role within a dynamic and ambitious global cyber security function. This position sits at the heart of ensuring cyber resilience across both Operational Technology (OT) and Information Technology (IT), contributing to the safe and reliable supply of electricity to customers.

What you’ll be doing

In this role, you will be responsible for planning and delivering assurance activities, while clearly communicating outcomes and insights to senior leadership. Working closely with the Governance and Compliance Manager as part of a wider Cyber Risk function, you will support all aspects of OT audit and assurance. You will support the identification and interpretation of key industry standards and regulatory requirements - particularly IEC 62443 and the Enhanced Cyber Assessment Framework - to ensure the organisation continues to reduce risk and safeguard its critical systems. You will play a key role in developing, maintaining and evaluating security policies and procedures, collaborating with engineering and operations teams to ensure that controls align with both internal expectations and external obligations. Alongside this, you will manage audit findings, follow up on remediation activity and contribute to continuous improvement in security practices. The role also offers the opportunity to research and apply emerging techniques and engage across industries to bring best practice into the organisation.

As part of a broader security transformation programme running through to 2027, you will support efforts to reduce risk, achieve compliance with NIS regulations and strengthen overall cyber resilience. Your work will directly contribute to shaping a more secure and forward-looking organisation. This role will involve consulting with senior stakeholders to provide guidance on risk management, security controls and compliance. You will plan assurance activities based on organisational risk and strategic priorities, assess the effectiveness of key controls and provide independent reporting on the organisation’s risk posture. You will also contribute to performance reporting through KPIs, KRIs and KCIs, monitor changes in the regulatory and threat landscape, and ensure risk assessments are conducted in line with defined methodologies. Working within established governance frameworks, you will support a range of risk and compliance activities, including NIS CAF reporting, risk assessments and the analysis of security requirements. You will provide clear, proportionate advice to stakeholders, helping them make informed decisions and validating the effectiveness of risk mitigation measures across the business.

What you’ll bring

The ideal candidate will bring strong expertise in IT and OT environments, with a deep technical understanding of how controls are designed and operate in practice. Experience within assurance or internal audit functions, along with familiarity with industry frameworks and standards, will be key. You will be comfortable operating at both a strategic and tactical level, building relationships across global teams and communicating complex ideas in a clear and accessible way. This is an opportunity to join a forward-thinking organisation undergoing significant transformation, where your expertise will have a tangible impact on security, compliance and operational resilience.

What’s in it for you

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%. At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that - so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include:

• 36 days annual leave
• Holiday purchase – perfect your work/life balance with extra annual leave
• Share Incentive Plan and Sharesave Scheme
• Payroll giving and charity matched funding
• Technology Vouchers – save more and spread the cost of your technology purchases
• Count us in – pledge to reduce carbon emissions and help fight climate change
• Electric Vehicle Schemes – to help you transition to green/clean driving
• Cycle to Work scheme and public transport season ticket loans
• Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments
• Life Assurance (4x salary)
• Access to ‘nudge’ financial wellbeing support
• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why ScottishPower

ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in.

ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to careers@scottishpower.com.

Mobility

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.

IMPORTANT Advert will close at 23:59 GMT the day before Job Posting End Date below June-11-2026