Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cyber security management and risk assessment across SSE's operations.
- Company: Join SSE, a pioneering energy company committed to a net zero future.
- Benefits: Competitive salary, flexible working, health perks, and family support.
- Why this job: Make a real impact in cyber security while shaping the future of energy.
- Qualifications: Strong cyber security experience and excellent communication skills required.
- Other info: Inclusive workplace with opportunities for growth and development.
The predicted salary is between 50000 - 70000 Β£ per year.
Overview
Base Location: Havant, Reading, Perth, Glasgow
Salary: Β£58,100 β Β£87,100 + performance related bonus and a range of benefits to support your finances, wellbeing and family.
Working Pattern: Permanent Full Time Flexible First options available
The role
The role holder is responsible for leading the development and implementation of a standardised cyber security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group\βs Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations.
You will
- Drive and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and the IT/OT Governance, Risk & Compliance team and all Business Units.
- Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story.
- Work with GRC Risk Analyst and the reporting team to produce monthly metrics showing the cyber security risk and control position for different audiences including CISO, leaders and operational teams.
- Ensure that significant risks are identified, mitigated and effectively monitored and managed and linked to improvement plans in line with NIS requirements.
- Develop implementation guidance in relation to cyber risk appetite and define and manage policy exceptions and significant risks through appropriate risk management, exception and governance processes.
- Develop SSE\βs cyber risk assessment maturity to enable commercially informed decision-making, ensuring that risk management and the implementation of controls are guided by a clear understanding of return on investment and business value.
You have
- Excellent cyber security experience with exposure to IT and OT environments and in-depth knowledge of cyber risk assessment methods and technologies, and proficiency in performing risk, business impact, control and vulnerability assessments and assurance.
- Excellent knowledge of risks and threats to UK energy sector and security issues, techniques and implications across digital platforms, control systems and customer data.
- Demonstrable written and verbal communication skills with the ability to interact with SSE staff at all levels up to senior leadership and across all business units and organisations, and to understand business priorities.
- Ability to deliver complex messaging and data in a simple, concise manner and using data and metrics.
- Team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including IT, OT and business personnel.
About SSE
SSE has a bold ambition β to be a leading energy company in a net zero world. We\βre building the world\βs largest offshore wind farm. Transforming the grid to provide greener electricity for millions of people and investing over Β£20 billion in homegrown energy, with Β£20 billion more in the pipeline.
Our IT division powers growth across all SSE business areas by making sure we have the systems, software and security needed to take the lead in a low carbon world. They provide expertise, advice and day-to-day support in emerging technologies, data and analytics, cyber security and more.
Flexible benefits to fit your life
Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24/7 counselling service. Interest-free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. As well as generous family entitlements such as maternity and adoption pay, and paternity leave.
Work with an equal opportunity employer
SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact / to discuss how we can support you.
We\βre dedicated to fostering an open and inclusive workplace where people from all backgrounds can thrive. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.
Equal Opportunities Statement
SSE is an equal opportunities employer. We\βre committed to treating all employees and applicants fairly and equally, regardless of their race, gender, disability, or any other protected characteristic.
#J-18808-Ljbffr
Cyber Security GRC Risk Manager employer: SSE PLC
Contact Detail:
SSE PLC Recruiting Team
StudySmarter Expert Advice π€«
We think this is how you could land Cyber Security GRC Risk Manager
β¨Tip Number 1
Network like a pro! Reach out to folks in the cyber security field, especially those at SSE. Use LinkedIn to connect and engage with them; you never know who might give you a heads-up about job openings or even refer you directly.
β¨Tip Number 2
Prepare for interviews by brushing up on your knowledge of cyber risk assessment methods and the latest trends in the energy sector. Be ready to discuss how your experience aligns with SSE's goals, especially around their ambitious net zero targets.
β¨Tip Number 3
Showcase your communication skills! Practice explaining complex cyber security concepts in simple terms. This will help you stand out during interviews, especially when discussing your ability to interact with various teams across the organisation.
β¨Tip Number 4
Donβt forget to apply through our website! Itβs the best way to ensure your application gets noticed. Plus, it shows youβre genuinely interested in joining SSE and being part of their mission towards a greener future.
We think you need these skills to ace Cyber Security GRC Risk Manager
Some tips for your application π«‘
Tailor Your CV: Make sure your CV is tailored to the Cyber Security GRC Risk Manager role. Highlight your relevant experience in cyber security, risk assessment, and governance. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your background makes you a great fit for SSE. Keep it concise but impactful β we love a good story!
Showcase Your Communication Skills: Since this role involves interacting with various stakeholders, make sure to demonstrate your written communication skills. Use clear and concise language in your application to show us you can convey complex information simply.
Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you get all the updates directly from us. Plus, itβs super easy!
How to prepare for a job interview at SSE PLC
β¨Know Your Cyber Security Stuff
Make sure you brush up on your knowledge of cyber security, especially in relation to the energy sector. Be ready to discuss specific risks and threats, as well as your experience with risk assessment methods and technologies.
β¨Prepare for Governance Discussions
Since you'll be leading cyber security governance meetings, itβs crucial to understand how to present complex information clearly. Practice summarising key points and metrics that tell the cyber security story effectively for different audiences.
β¨Showcase Your Communication Skills
Demonstrate your ability to communicate with various stakeholders, from technical teams to senior leadership. Prepare examples of how you've successfully conveyed complex data in a simple manner, highlighting your interpersonal skills.
β¨Understand the NIS Regulations
Familiarise yourself with the NIS regulations and how they apply to cyber risk management. Be prepared to discuss how you would ensure compliance and manage significant risks, linking them to improvement plans.
