Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cyber governance and risk management for a critical national infrastructure organisation.
- Company: ScottishPower, part of the Iberdrola Group, a leader in renewable energy.
- Benefits: Competitive salary, generous leave, pension matching, and health benefits.
- Why this job: Shape the future of energy while ensuring robust cyber security in a dynamic environment.
- Qualifications: Proven experience in cyber security leadership and recognised industry qualifications.
- Other info: Join a diverse team committed to sustainability and community impact.
The predicted salary is between 80000 - 100000 £ per year.
This is a senior leadership role with ownership of cyber governance, risk and assurance for a UK Critical National Infrastructure operator. You will shape policy, lead enterprise cyber risk management and direct a robust assurance programme, providing clear executive-level insight and confidence that cyber risks are understood, controlled and compliant in a highly regulated environment.
You will lead cyber governance, risk and assurance for a critical national infrastructure organisation, shaping how cyber risk is managed across IT, operational technology, cloud and the supply chain. The role brings ownership of enterprise cyber risk management – setting a clear, consistent approach to identifying, prioritising and reporting risk, and providing independent, executive-level insight that informs decisions at board level. You will also design and lead a robust second-line assurance programme, covering control testing, supplier assurance and regulatory readiness, giving stakeholders confidence that cyber risks are understood, controlled and compliant.
As a senior leader, you will build and develop a high-performing cyber team, own executive reporting and dashboards, manage a £1.5m operating budget, and work closely with global security colleagues to align UK and group priorities.
You will be an experienced cyber security leader, with recognised industry qualifications (such as CISSP, CISM or GICSP) and a proven track record of leading cyber governance and enterprise risk management at scale. You will bring deep expertise in cyber security frameworks, standards and UK regulatory expectations, ideally within highly regulated or critical infrastructure environments. You will have a strong assurance background, with hands-on experience operating at second line of defence – including control testing, supplier assurance and regulatory readiness – and the confidence to provide independent challenge where it matters.
As a trusted senior leader, you will be able to translate complex technical risk into clear, actionable insight for executives and boards, influencing decisions and investment. You will be credible, confident and effective in managing senior stakeholders, able to build trust and drive alignment across business, technology and global security teams.
As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we will double match your contribution up to a company contribution of 10%. At ScottishPower, we believe it's the little things we do in life that make a big difference. From helping you look after your family's wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that – so that you have everything you need to take care of your world – today and tomorrow.
- 36 days annual leave
- Holiday Purchase – perfect your work/life balance with extra annual leave
- Share Schemes
- Payroll Giving and Charity Matched Funding
- Technology Vouchers – save more and spread the cost of your technology purchases
- Electric Vehicle Schemes – to help you transition to green/clean driving
- Cycle to Work scheme and Public Transport Season Ticket Loans
- Healthcare benefit options including: Dental Insurance, Private Medical Insurance, Health Cash Plan and annual Health Assessments
- Life Assurance (4x salary)
- Access to Savesmart financial wellbeing support
- Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more
ScottishPower is part of the Iberdrola Group, one of the world's largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we are at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation. Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve.
ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support.
Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.
Head of Cyber Governance, Risk & Assurance in Glasgow employer: Iberdrola
Contact Detail:
Iberdrola Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Head of Cyber Governance, Risk & Assurance in Glasgow
✨Tip Number 1
Network like a pro! Reach out to your connections in the cyber security field, especially those who work at ScottishPower or similar companies. A friendly chat can open doors and give you insider info about the role.
✨Tip Number 2
Prepare for the interview by brushing up on your knowledge of cyber governance frameworks and UK regulations. Be ready to discuss how you've tackled similar challenges in the past – real-life examples will make you stand out!
✨Tip Number 3
Showcase your leadership skills! Think about how you've built and developed teams before. Be prepared to share your vision for leading a high-performing cyber team and how you plan to align with global security priorities.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you're genuinely interested in joining our team at ScottishPower.
We think you need these skills to ace Head of Cyber Governance, Risk & Assurance in Glasgow
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Head of Cyber Governance, Risk & Assurance role. Highlight your experience in cyber governance and risk management, and don’t forget to mention any relevant qualifications like CISSP or CISM. We want to see how your skills align with what we’re looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for this senior leadership role. Share specific examples of how you’ve led cyber governance initiatives and managed risks in previous positions. Let us know how you can make an impact at ScottishPower!
Showcase Your Leadership Skills: As a senior leader, it’s crucial to demonstrate your ability to manage teams and influence stakeholders. In your application, highlight instances where you’ve built high-performing teams or successfully communicated complex technical risks to executives. We’re keen to see your leadership style!
Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it gives you a chance to explore more about our company culture and values while you’re at it!
How to prepare for a job interview at Iberdrola
✨Know Your Cyber Governance Inside Out
Make sure you’re well-versed in the latest cyber governance frameworks and standards. Brush up on UK regulatory expectations, especially those relevant to critical infrastructure. This will not only help you answer questions confidently but also demonstrate your expertise in the field.
✨Prepare for Executive-Level Discussions
Since this role involves providing insight at the board level, practice translating complex technical risks into clear, actionable insights. Think about how you would present these insights to non-technical stakeholders and prepare examples of how you've influenced decisions in previous roles.
✨Showcase Your Leadership Skills
Be ready to discuss your experience in building and developing high-performing teams. Prepare specific examples of how you’ve managed budgets, led assurance programmes, and aligned priorities across different teams. Highlight your ability to foster trust and collaboration among senior stakeholders.
✨Ask Insightful Questions
Prepare thoughtful questions that show your interest in the company’s approach to cyber risk management. Inquire about their current challenges, future goals, and how they measure success in their cyber governance initiatives. This will demonstrate your proactive mindset and genuine interest in the role.