Cyber Security GRC Risk Manager

Overview

Base Location: Havant, Reading, Perth, Glasgow

Salary: £58,100 – £87,100 + performance related bonus and a range of benefits to support your finances, wellbeing and family.

Working Pattern: Permanent Full Time Flexible First options available

The role

The role holder is responsible for leading the development and implementation of a standardised cyber security management system, and a governance and reporting mechanism to identify, measure, and monitor cyber risks consistently across the whole of SSE. This includes leading the Group\’s Principal Risk on cyber security and resilience, strategic sub risks and driving through to the tactical risks and supporting the risk management requirements of the NIS regulations.

You will

• Drive and lead the development and management of the Cyber Security & Resilience Principal Risk, risk appetite and controls framework working in conjunction with Group Risk and the IT/OT Governance, Risk & Compliance team and all Business Units.
• Lead the preparations for cyber security governance meetings across SSE and support the creation of content for cyber security papers to Board, Audit Committee and other Executive committees including development of metrics to tell the cyber security story.
• Work with GRC Risk Analyst and the reporting team to produce monthly metrics showing the cyber security risk and control position for different audiences including CISO, leaders and operational teams.
• Ensure that significant risks are identified, mitigated and effectively monitored and managed and linked to improvement plans in line with NIS requirements.
• Develop implementation guidance in relation to cyber risk appetite and define and manage policy exceptions and significant risks through appropriate risk management, exception and governance processes.
• Develop SSE\’s cyber risk assessment maturity to enable commercially informed decision-making, ensuring that risk management and the implementation of controls are guided by a clear understanding of return on investment and business value.

You have

• Excellent cyber security experience with exposure to IT and OT environments and in-depth knowledge of cyber risk assessment methods and technologies, and proficiency in performing risk, business impact, control and vulnerability assessments and assurance.
• Excellent knowledge of risks and threats to UK energy sector and security issues, techniques and implications across digital platforms, control systems and customer data.
• Demonstrable written and verbal communication skills with the ability to interact with SSE staff at all levels up to senior leadership and across all business units and organisations, and to understand business priorities.
• Ability to deliver complex messaging and data in a simple, concise manner and using data and metrics.
• Team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles, including IT, OT and business personnel.

About SSE

SSE has a bold ambition – to be a leading energy company in a net zero world. We\’re building the world\’s largest offshore wind farm. Transforming the grid to provide greener electricity for millions of people and investing over £20 billion in homegrown energy, with £20 billion more in the pipeline.

Our IT division powers growth across all SSE business areas by making sure we have the systems, software and security needed to take the lead in a low carbon world. They provide expertise, advice and day-to-day support in emerging technologies, data and analytics, cyber security and more.

Flexible benefits to fit your life

Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24/7 counselling service. Interest-free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. As well as generous family entitlements such as maternity and adoption pay, and paternity leave.

Work with an equal opportunity employer

SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact / to discuss how we can support you.

We\’re dedicated to fostering an open and inclusive workplace where people from all backgrounds can thrive. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.

Equal Opportunities Statement

SSE is an equal opportunities employer. We\’re committed to treating all employees and applicants fairly and equally, regardless of their race, gender, disability, or any other protected characteristic.