About the Role
National Energy System Operator is looking for a skilled and ambitious individual to join our Security Team in a Senior Vendor Security Analyst role. The Senior Analyst will support the Vendor Security Manager in overseeing NESO’s vendor lifecycle, governing and developing NESO’s procured vendor tooling, and ensuring the completion of all vendor assurance activity. This role may be based at our offices in Wokingham or Warwick, and we offer hybrid working arrangements that blend office and home working.
This role is designated as requiring a National Security Vetting (NSV) clearance. To apply for the level of clearance associated with the role, you will usually need to have been a resident in the UK for the last five years. Applicants who do not currently meet this residency requirement are encouraged to express an interest in the role.
Key Accountabilities
- Lead and quality‑assure inherent risk assessments, ensuring consistency and accuracy across the team.
- Oversee junior analysts in successfully onboarding and triaging new vendors, including profiling and tiering via NESO's vendor platform.
- Manage the issuance and validation of assurance questionnaires, ensuring timely vendor engagement and follow‑up.
- Provide a point of escalation for junior team members on assessing vendor risks and threat intelligence monitoring.
- Develop and maintain standard operating procedures (SOPs), triage templates, and guidance documentation.
- Drive automation and tooling enhancements to streamline assurance and reporting processes.
- Represent the VSM function in transformation planning, capability assessments, and stakeholder workshops.
- Provide coaching and oversight to junior analysts, supporting their development and ensuring knowledge transfer.
- Collaborate with internal teams (e.g., Procurement, GRC, Legal) to embed security controls into vendor lifecycle processes.
We recognize that not every candidate will meet every requirement. At NESO, we are committed to building a diverse, inclusive, and authentic workplace for everyone. If you are excited about this role but your experience or qualifications don’t match the job description exactly, we encourage you to apply anyway. You might just be the right person for our growing business in this role or another one.
About You
- Demonstrable experience in a senior security, compliance, or vendor risk role within a regulated industry.
- Experience leading or contributing to transformation initiatives, including tooling implementation, process redesign, or capability uplift.
- Experience managing assurance workflows, risk assessments, and vendor engagement at scale.
- Familiarity with BAU transition planning, including RACI development, maturity assessments, and continuous improvement cycles.
- Degree or equivalent experience in cyber security, risk management, or a related discipline.
- In‑depth knowledge of third‑party risk management frameworks (e.g., NCSC), regulatory compliance (e.g., GDPR, NIS), and data protection principles.
- Preferably a cyber security qualification such as ISO 27001 Lead Implementer or CompTIA Security+.
- Proficiency with risk and assurance platforms such as Prevalent and BitSight.
- Advanced skills in Microsoft 365 (Excel, SharePoint, PowerPoint) and process documentation.
- Excellent communication and stakeholder engagement skills, with the ability to influence across technical and non‑technical audiences.
What You’ll Get
A competitive salary of £56,000 – £63,000 dependent on experience and capability. In addition to your base salary, NESO’s core benefits include:
- Bonus based on company performance.
- 26 days annual leave as standard.
- Competitive contributory pension scheme with double match up to 12% company contribution.
- Annual enrollment to NESO Savings Plan with up to 50% matching contribution for savings between £20‑£500 a month.
NESO’s flexible benefits programme provides you with more flexibility around health, lifestyle and protection benefits. Some available options are:
- Flexible bank holidays and holiday trading.
- Additional birthday day off.
- Cycle to Work scheme, retail and gym discounts.
- Private medical insurance, critical illness insurance and personal accident insurance.
About Us
At the National Energy System Operator (NESO), we play a vital role in tackling climate change and securing Great Britain’s energy future. We already operate the world’s fastest decarbonising electricity system and are working towards our ambition to run it carbon‑free for a short period this year, provided the market supplies electricity exclusively from renewable sources. Alongside this, we provide expert advice to government on how to deliver a clean power system by 2030.
In autumn 2024, the Electricity System Operator (ESO) transitioned to become NESO – an independent, expert public corporation with a whole‑system view across electricity, gas and hydrogen. NESO operates independently and transparently, always acting in the best interests of all energy users.
Licensed and regulated by Ofgem, we make impartial decisions that balance sustainability, affordability and security. Our organisation is fully independent from government, the regulator and all commercial interests, with a clear focus on system‑wide benefit, long‑term value and public value.
The time to deliver is now. Join the energy transformation and help shape the future. Your energy. Our future. Together.
More Information
This role closes at 23:59 on the day before the date shown above. Applicants are encouraged to submit their application as early as possible; the closing date may vary.
Diversity and Inclusion
We’re committed to building a workforce that represents the communities we serve, and to creating a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential. If this role sparks your interest and you are not sure you tick every box, we still want to hear from you. We celebrate the difference people can bring into our organisation and welcome and encourage applicants with diverse experiences and backgrounds.
Contact Details:
National Energy System Operator Recruitment Team