At a Glance
- Tasks: Lead the charge in information security and data governance, ensuring compliance and risk management.
- Company: Join a forward-thinking energy company committed to cybersecurity and data integrity.
- Benefits: Enjoy competitive pay, flexible working options, and opportunities for professional growth.
- Other info: This role offers autonomy and the chance to influence across diverse teams and jurisdictions.
- Why this job: Make a real difference in protecting data and shaping security policies in a dynamic environment.
- Qualifications: Experience in cybersecurity and data governance is essential; familiarity with regulations is a plus.
The predicted salary is between £60,000 and £80,000 per year.
Principal Accountabilities
- Information Security
  - Develop, implement, and maintain information and cyber security policies, standards, and procedures.
  - Ensure alignment with recognized frameworks (ISO 27001, NIST CSF, CIS Controls).
  - Conduct risk assessments across IT, cloud, and Operational Technology (OT) environments.
  - Support incident response planning and continuous improvement of security controls.
  - Embed secure-by-design principles into infrastructure and operational systems.
- Data Governance
  - Establish and maintain an enterprise data governance framework.
  - Define and enforce data classification, handling, retention, and protection standards.
  - Ensure compliance with international data protection regulations including GDPR, UK Data Protection Act, and applicable US privacy laws.
  - Promote data ownership, stewardship, and accountability across business units.
  - Support data quality, integrity, and lifecycle management.
- Compliance & Regulatory Oversight
  - Ensure compliance with applicable cybersecurity, data governance, and energy sector regulations.
  - Lead and support internal and external audit activities, including evidence collection and remediation tracking.
  - Maintain enterprise risk registers and compliance reporting.
  - Continuously monitor global cyber and data regulatory changes.
  - Assess impact of regulatory developments and update internal policies, standards, and procedures accordingly.
  - Ensure compliance is maintained across all regions of operation.
- Cybersecurity Awareness & Training
  - Design and deliver enterprise cybersecurity awareness programmes.
  - Conduct phishing simulations and risk-based awareness campaigns.
  - Tailor training for corporate and operational (OT) environments.
  - Measure effectiveness and drive continuous improvement in user behaviour.
- Governance & Advisory
  - Act as subject matter expert and advisor on security, governance, and compliance matters.
  - Administer and support third-party/vendor risk management programme.
  - Provide reporting and insights to leadership on security posture, regulatory changes, and risk exposure.
  - Contribute to the continuous improvement of governance, risk, and compliance (GRC) capability.
  - Member of change management board and contributor to change management process.
Qualifications and Experience
- Required
  - Significant experience in information security, cybersecurity GRC, or IT governance roles.
  - Proven experience implementing data governance frameworks.
  - Strong understanding of international data protection and cybersecurity regulations.
  - Experience working within regulated environments.
  - Familiarity with ISO 27001, NIST, or equivalent frameworks.
  - Experience supporting audit and compliance processes.
- Desired
  - Experience in the energy, utilities, or critical infrastructure sector.
  - Exposure to Operational Technology (OT) environments.
  - Professional certifications (CISSP, CISM, CRISC, CISA, CDMP).
  - Experience with GRC tools (ServiceNow GRC, RSA Archer, MetricStream).
HSE Responsibilities
- Stop work by challenging and stopping unsafe acts and behaviours or unsafe conditions.
- Comply with Standard Operating Procedures defined in Responsibilities above, and company STOP WORK system.
- Ensure that cybersecurity considerations support safe and reliable operational environments, particularly within OT systems.
Competencies
- Risk & Compliance Expertise: Strong understanding of regulatory and governance frameworks.
- Analytical Thinking: Ability to assess and mitigate complex risks.
- Stakeholder Engagement: Ability to influence across technical and business teams.
- Communication: Clear communication of technical and regulatory requirements.
- Autonomy: Operates independently with accountability for outcomes.
- Continuous Improvement: Proactively adapts to changing regulatory and threat landscapes.
Any Other Information
- This is a senior individual contributor role with no direct reports.
- The role operates across multiple jurisdictions with varying regulatory requirements.
Information Security & Data Governance Lead (UK) employer: SES Energy LLC
As an Information Security & Data Governance Lead, you will thrive in a dynamic work environment that prioritises innovation and security excellence. Our company fosters a culture of continuous learning and professional development, offering robust training programmes and opportunities for career advancement. Located in the UK, we provide a supportive atmosphere where your expertise in cybersecurity and data governance will be valued, ensuring compliance with international standards while contributing to meaningful projects in the energy sector.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security & Data Governance Lead (UK)
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including SES Energy LLC, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through SES Energy LLC
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at SES Energy LLC. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
Some tips for your application 🫡
Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects, be it CTF challenges, security assessments, or research papers, include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at SES Energy LLC insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to SES Energy LLC that you’re committed to staying ahead in the game.
How to prepare for a job interview at SES Energy LLC
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at SES Energy LLC to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at SES Energy LLC.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.