At a Glance
- Tasks: Lead cyber assurance for essential services in the energy sector, ensuring compliance and resilience.
- Company: Ofgem regulates the UK energy market, promoting sustainable energy for consumers and businesses.
- Benefits: Enjoy hybrid working, 30 days annual leave, and a generous pension scheme.
- Why this job: Join a mission-driven team tackling cyber threats in critical national infrastructure.
- Qualifications: Experience in cyber security, operational technology, and relevant professional qualifications required.
- Other info: Opportunity to contribute to a Net Zero energy system by 2050.
The predicted salary is between £38,000 and £60,000 per year.
Ofgem is committed to making a positive difference for energy consumers through effective regulation of the market and close working with suppliers to ensure sustainable energy for consumers and businesses in the UK. It is vital that operational systems and networks in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats. This role will be within the Cyber Profession’s Cyber Regulation Team of Ofgem, who act as Competent Authority (CA) for implementing regulations for Operators of Essential Services (OES), to improve security and resilience in the Downstream Gas and Electricity (DGE) sector.
The key purpose of the role is to monitor, support, report and instruct against the regulatory frameworks such as the NCSC Cyber Assurance Framework to ensure operational systems and networks owned and/or managed by Operators of Essential Services in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats. You’ll operate as a Senior Cyber Assurance Lead, providing cyber assurance across Operators of Essential Services (OES) with high strategic impact to GB critical national infrastructure.
Key Responsibilities, Outputs and Deliverables
- Provide advice and guidance to the DGE sector on compliance with the NIS regulations and ensuring through inspections, audits and testing that OES maintain compliance.
- Deliver and/or manage a set of inspections and assurance activities in line with the NIS regulations.
- Write and maintain high quality inspections and audit reports, providing analysis and outcomes.
- Provide scrutiny of audit reports, assurance reports, improvement plans and incident reports.
- Record outputs and decisions from inspections and assurance activities.
- Effectively communicate recommendations to Enforcement teams based on sound judgement and understand and use regulatory tools to drive improvements.
- Ensure alignment with government and industry objectives and standards, and liaise with senior stakeholders on how these can be met.
Key Skills/Capabilities Required
- Experience of security assurance in the Oil, Gas, Electricity industry.
- Experience in utilising operational technology / ICS related standards, NIS Regulations and NCSC Cyber Assurance Framework.
- Qualification in cyber security, evidenced through an appropriate professional qualification such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, GICSP, ISA/IEC 62443 Cybersecurity Expert, relevant degree, or equivalent industry experience.
- Proven experience in understanding cyber risk assessments and methodologies in relation to Critical National Infrastructure environments, and the application of appropriate and proportionate controls across people, process, and technology to mitigate risk.
- Proven client-facing experience with strong negotiation and advising skills across a wide range of cyber security best practices.
- Proven experience of inspecting, auditing, or testing within an information security role.
- Strong drafting and report writing skills.
- Extensive experience working collaboratively with diverse colleagues.
- Able to achieve and maintain SC clearance.
Behaviours
- Making Effective Decisions
- Communicating and Influencing
- Managing a Quality Service
Technical skills
Please refer to the Candidate Pack and Role Profile attached for full details.
Alongside your salary of £47,895, Ofgem contributes £13,875 towards you being a member of the Civil Service Defined Benefit Pension scheme. Ofgem can offer you a comprehensive and competitive benefits package which includes: 30 days annual leave after 2 years; excellent training and development opportunities; the opportunity to join the generous Civil Service pension, which also includes a valuable range of benefits; and hybrid working, flexible working hours and family friendly policies.
This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.
Things you need to know: This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills. When you press the ‘Apply now’ button, you will be asked to complete personal details (not seen by the sift panel), and upload a copy of your CV anonymising all details where necessary. You will then be asked to provide a 1250 word ‘personal statement’ evidencing how you meet the essential and desirable skills and capabilities listed in the role profile.
The Civil Service values honesty and integrity and expects all candidates to abide by these principles. Ofgem take any incidences of cheating very seriously. Please ensure all examples provided are of your own experience. Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant applications will be withdrawn from the process. Feedback will only be provided if you attend an interview or assessment.
Senior Regulatory Security Assurance employer: Ofgem
Contact Detail:
Ofgem Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Senior Regulatory Security Assurance
✨Tip Number 1
Familiarise yourself with the NIS regulations and the NCSC Cyber Assurance Framework. Understanding these frameworks will not only help you in interviews but also demonstrate your commitment to compliance and security assurance in the energy sector.
✨Tip Number 2
Network with professionals in the cyber security and regulatory fields, especially those who have experience in the Oil, Gas, and Electricity industries. Engaging with industry experts can provide valuable insights and potentially lead to referrals.
✨Tip Number 3
Prepare to discuss your experience with operational technology and industrial control systems. Be ready to share specific examples of how you've applied security measures in these areas, as this is crucial for the role.
✨Tip Number 4
Stay updated on current trends and challenges in cyber security, particularly those affecting critical national infrastructure. Being knowledgeable about recent incidents or advancements can set you apart during discussions with interviewers.
Some tips for your application 🫡
Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the Senior Regulatory Security Assurance role at Ofgem. Tailor your application to highlight how your experience aligns with their needs.
Craft a Strong Personal Statement: Your personal statement is crucial. Use the 1250-word limit wisely to demonstrate how you meet both the essential and desirable skills listed in the job profile. Provide specific examples from your past experiences that showcase your qualifications.
Highlight Relevant Experience: Emphasise your experience in security assurance within the Oil, Gas, or Electricity industries. Mention any relevant qualifications, such as CISSP or CISA, and detail your familiarity with NIS regulations and the NCSC Cyber Assurance Framework.
Proofread Your Application: Before submitting, thoroughly proofread your CV and personal statement. Check for spelling and grammatical errors, and ensure that all information is clear and concise. A polished application reflects your attention to detail.
How to prepare for a job interview at Ofgem
✨Understand the Regulatory Frameworks
Familiarise yourself with the NIS regulations and the NCSC Cyber Assurance Framework. Be prepared to discuss how these frameworks apply to the role and how you can ensure compliance within the DGE sector.
✨Showcase Your Technical Expertise
Highlight your experience with operational technology and industrial control systems. Be ready to provide examples of how you've applied security assurance in previous roles, particularly in the Oil, Gas, or Electricity industries.
✨Prepare for Scenario-Based Questions
Expect questions that assess your decision-making skills and ability to manage quality services. Think of specific situations where you've had to make tough decisions or influence stakeholders effectively.
✨Craft a Strong Personal Statement
Your personal statement should clearly demonstrate how you meet the essential and desirable skills outlined in the job description. Use concrete examples from your past experiences to illustrate your qualifications and achievements.