At a Glance
- Tasks: Lead compliance audits and manage cybersecurity risks in a dynamic energy sector environment.
- Company: Join a forward-thinking company in the Energy Sector focused on cybersecurity excellence.
- Benefits: Enjoy hybrid work options, competitive salary, and opportunities for professional growth.
- Why this job: Make a real impact on cybersecurity standards while collaborating with top auditors and regulators.
- Qualifications: 5+ years in cybersecurity, with expertise in NIS reporting and regulatory compliance required.
- Other info: Fluency in English is essential; French knowledge is a plus!
The predicted salary is between £48,000 and £84,000 per year.
On behalf of our client in the Energy Sector, we are seeking to recruit a Cyber Security Compliance Lead.
Location: UK, London (Hybrid) with occasional travel to Folkestone & Calais
Overview:
As the GRC Lead, you will engage with internal and external auditors, regulators (Ofgem, DESNZ, CRE, etc.), and other stakeholders to prepare and submit compliance reports to internal governance committees and regulators. You will manage the implementation of findings from risk assessments, audits, and compliance reviews. Additionally, you will oversee the full lifecycle of compliance audits and ensure adherence to existing and emerging regulations and standards, including NIS, NIS2, NIST, CSF, ISO27001, IEC62443, etc.
Main Responsibilities:
- Risk Management: Manage risks and vulnerabilities, including assessments, compliance reviews, audits, and tracking using the GRC tool (OneTrust) in accordance with NIST standards.
- Compliance: Ensure the company meets all regulatory requirements related to cybersecurity, including:
  - Managing and supporting NIS and NIS2 internal and external audits/inspections.
  - Preparing and owning NIS/NIS2 compliance reports and submitting them to regulators.
  - Responding to inquiries from auditors and regulators about ongoing operational compliance.
  - Preparing monthly internal governance committee reports.
  - Tracking progress against the company’s Security Improvement Plan.
  - Documenting and reporting control failures and gaps to the Security Committee.
Experience Required:
- 5+ years of direct experience in cybersecurity, with an emphasis on risk and compliance.
- At least 2 years of expertise in NIS reporting requirements and handling inspections/audits.
- Thorough understanding of regulatory compliance requirements and standards, including NIS, NIS2, NIST, ISO27001, IEC62443, and GDPR.
- Experience with GRC tools, techniques, and best practices. Experience with OneTrust is an advantage.
- Proven experience in managing third-party audits, compiling evidence, and organizing audit responses.
Education:
- Bachelor’s degree in information cybersecurity or certifications in cybersecurity, risk management, governance, or a related field.
Skills and Competencies:
- Highly effective written and verbal communication skills; excellent presentation skills.
- Attention to detail and a strong focus on accuracy.
- Ability to understand the wider business context.
- Ability to work under pressure in a dynamic environment.
- Self-starter and results-oriented.
- Strong professional relationship-building skills with internal and external stakeholders.
- Strong influencing and negotiating skills.
- Fluent in English; knowledge of French is an advantage but not essential.
Cyber Security Compliance Lead employer: Marlin Selection Ltd
Contact Detail:
Marlin Selection Ltd Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Cyber Security Compliance Lead role
✨Tip Number 1
Familiarize yourself with the specific compliance frameworks mentioned in the job description, such as NIS, NIS2, and ISO27001. Understanding these standards will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the cybersecurity compliance field, especially those who have experience with GRC tools like OneTrust. Engaging with industry peers can provide valuable insights and potentially lead to referrals.
✨Tip Number 3
Stay updated on the latest trends and changes in cybersecurity regulations and compliance requirements. This knowledge will be crucial during discussions with auditors and regulators, showcasing your expertise and proactive approach.
✨Tip Number 4
Prepare for potential scenario-based questions in interviews that assess your problem-solving skills in risk management and compliance situations. Think of examples from your past experiences where you successfully navigated challenges in these areas.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your relevant experience in cybersecurity, risk management, and compliance. Emphasize your familiarity with NIS, NIS2, NIST, ISO27001, and GRC tools like OneTrust.
Craft a Strong Cover Letter: In your cover letter, explain why you are the perfect fit for the Cyber Security Compliance Lead role. Mention specific experiences that demonstrate your ability to manage audits, compliance reports, and stakeholder engagement.
Showcase Communication Skills: Since effective communication is crucial for this role, provide examples in your application that showcase your written and verbal communication skills, especially in presenting complex information to various stakeholders.
Highlight Relevant Certifications: If you have certifications in cybersecurity, risk management, or governance, make sure to mention them prominently in your application. This will strengthen your candidacy and show your commitment to the field.
How to prepare for a job interview at Marlin Selection Ltd
✨Showcase Your Compliance Knowledge
Make sure to highlight your understanding of compliance frameworks like NIS, NIS2, and ISO27001 during the interview. Be prepared to discuss specific experiences where you managed compliance audits or prepared reports for regulators.
✨Demonstrate Risk Management Skills
Discuss your experience with risk assessments and how you've managed vulnerabilities in previous roles. Use examples that illustrate your ability to track and mitigate risks effectively using GRC tools like OneTrust.
✨Prepare for Technical Questions
Expect technical questions related to cybersecurity standards and regulations. Brush up on your knowledge of NIST standards and be ready to explain how you've implemented these in past projects.
✨Communicate Clearly and Confidently
Since strong communication skills are essential for this role, practice articulating your thoughts clearly. Prepare to present your ideas confidently, especially when discussing complex compliance issues or audit findings.