At a Glance
- Tasks: Lead cyber security initiatives and manage operational staff to enhance security posture.
- Company: ScottishPower, part of the Iberdrola Group, a leader in renewable energy.
- Benefits: Competitive salary, generous leave, pension scheme, and health benefits.
- Other info: Join a diverse team committed to inclusion and professional growth.
- Why this job: Make a real impact in cyber security while contributing to a sustainable future.
- Qualifications: Experience in cyber security management and relevant certifications preferred.
The predicted salary is between 61000 - 77000 £ per year.
The successful candidate will lead and manage cyber security initiatives and operational staff, oversee resource utilization, and initiate corrective actions for the cyber security function. They will collaborate on various cyber security functions, including third-party management, data management (Data Loss Prevention), control assurance, response & recovery, and training & awareness programs. Additionally, they will contribute to the global cyber security function, enhancing our cyber security posture and protecting systems and data against threats.
The role also involves supporting the cyber security function to reduce risk, achieve compliance with industry standards, and ensure business resilience. The role requires identifying, assessing, quantifying, reporting, communicating, mitigating, and monitoring incidents. Ensuring compliance with policies, processes, and procedures, and driving process improvements is essential. The candidate will revise and develop processes to strengthen the cyber security posture, review third-party supplier arrangements, and address security challenges. They will manage data and risk activities, maintaining assurance frameworks for control effectiveness, and integrate and optimize security services and platforms. The Lead will support regulatory and industry compliance standards and risk reporting. They will collaborate with international companies within the Iberdrola Group (e.g., Scottish Power, Corporate IT, Iberdrola Cyber Fusion Centre) and external clients providing cyber services. Promoting good cyber security practices and supporting business activities across the organization is also a key aspect of the role.
The ideal candidate will have proven experience in managing cyber security, with or working towards certifications like CISSP, CISM, BCS ISMP, or equivalent. Experience in managing cyber security in IT environments with internal and external service provision, especially in continuous monitoring and incident response, is crucial. Knowledge of ISO/IEC 27001/27002 and ISMS creation/maintenance is advantageous. Familiarity with security platforms such as SIEM/SOAR, XDR, and Vulnerability Management is also beneficial. Experience in the energy utilities sector, particularly in electricity distribution and transmission, is a plus.
As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits:
- 36 days annual leave
- Holiday purchase - perfect your work/life balance with extra annual leave
- Share Incentive Plan and Sharesave Scheme
- Payroll giving and charity matched funding
- Technology Vouchers - save more and spread the cost of your technology purchases
- Count us in - pledge to reduce carbon emissions and help fight climate change
- Electric Vehicle Schemes - to help you transition to green/clean driving
- Cycle to Work scheme and public transport season ticket loans
- Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments
- Life Assurance (4x salary)
- Access to 'nudge' financial wellbeing support
- Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more
ScottishPower is part of the Iberdrola Group, one of the world's largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals in a global organisation. Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve.
ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support.
Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.
Cyber Risk & Assurance Lead in Glasgow employer: Iberdrola
ScottishPower is an exceptional employer, offering a dynamic work culture that prioritises inclusion, diversity, and sustainability. With a competitive salary and extensive benefits including generous annual leave, pension contributions, and health support, employees are empowered to grow their careers within a global leader in renewable energy. The hybrid working model and commitment to employee wellbeing make ScottishPower an attractive choice for those seeking meaningful and rewarding employment in the cyber security field.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Risk & Assurance Lead in Glasgow
✨Tip Number 1
Network like a pro! Reach out to current employees at ScottishPower on LinkedIn or attend industry events. A friendly chat can give us insights into the company culture and maybe even a referral!
✨Tip Number 2
Prepare for the interview by brushing up on your knowledge of cyber security frameworks and the latest trends. We want to show that we’re not just familiar with the basics but are genuinely passionate about enhancing cyber security.
✨Tip Number 3
Practice common interview questions, especially those related to risk management and incident response. We can even do mock interviews with friends to build confidence and refine our answers.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows that we’re serious about joining the team at ScottishPower.
We think you need these skills to ace Cyber Risk & Assurance Lead in Glasgow
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Cyber Risk & Assurance Lead role. Highlight your relevant experience in managing cyber security initiatives and any certifications you have, like CISSP or CISM. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how you can contribute to our mission at ScottishPower. Be sure to mention specific projects or experiences that relate to the job description.
Showcase Your Achievements:When detailing your past roles, focus on your achievements rather than just responsibilities. Use metrics where possible to demonstrate your impact, like how you improved compliance or reduced risks in previous positions. We love numbers that tell a story!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, you’ll find all the details you need about the role and our company culture there!
How to prepare for a job interview at Iberdrola
✨Know Your Cyber Security Stuff
Make sure you brush up on your knowledge of cyber security principles, especially those relevant to the energy sector. Familiarise yourself with ISO/IEC 27001/27002 and be ready to discuss how you've applied these standards in past roles.
✨Showcase Your Leadership Skills
As a Cyber Risk & Assurance Lead, you'll need to demonstrate your ability to lead teams and manage initiatives. Prepare examples of how you've successfully led projects or teams in the past, focusing on your approach to resource management and corrective actions.
✨Be Ready for Scenario Questions
Expect questions that assess your problem-solving skills in real-world scenarios. Think about past incidents you've managed, how you identified and mitigated risks, and what processes you implemented to improve security posture.
✨Understand the Company’s Vision
ScottishPower is committed to renewable energy and sustainability. Research their initiatives and be prepared to discuss how your experience aligns with their goals, particularly in enhancing cyber security within a green energy framework.
