Lead Regulatory Security Advisor
4 weeks ago
Supporting projects with high strategic impact, following an agreed delivery strategy which is shared across the directorate you will:
- Support delivery of a set of work deliverables on time and to a high standard as part of a multidisciplinary team. Interpreting and enacting Ofgem's remit as defined in the NIS Regulations and Government Policy.
- Support development and maintenance of a repository of recognised cyber security practice for use internally by the cyber regulatory team or externally with organisations whom Ofgem regulate for management of security risk to network and information systems.
- Analyse and assess the security posture of OES to identify common security risks affecting the sector. Establishing effective partnerships with relevant Security, Intelligence and Law Enforcement Agencies, other Regulators and energy sector partners to address these concerns (e.g. DESNZ, NESO, NCSC).
- Facilitate effective information sharing across the downstream gas and electricity ("DGE") sector to accelerate implementation of cyber security best practices. Assuring understanding of expectations for security are communicated to stakeholders in line with Governments cyber (security) strategy.
- Engage with key internal and external stakeholders responsible for organisational and architectural decisions that impact the security of our energy infrastructure to reach and influence a wide range of people across larger teams and communities who collectively are responsible for shaping our energy systems. Supporting safe and secure operation of our critical energy infrastructure now and into the future.
- Support the wider CA inclusive corporate leadership, using your expertise to provide comprehensive knowledge sharing, support and development that demonstrate commitment to Ofgem values.
- Manage key stakeholder relationships, both internally and externally. Identify and develop new relationships with partners where required
- Continue your professional development whilst at Ofgem to enable you to grow and deliver more.
- May be required to travel on an infrequent basis to support engagement with energy sector participants and stakeholders
As a member of the G&M team within the directorate, we want you to use your knowledge, understanding, and experience of cyber security practice to:- Review the cyber security measures taken by regulatees. Identifying key challenges faced by the sector. Collaborating with stakeholders and regulatees to develop effective mitigation strategies to counter these challenges. Building resilience in line with guidance provided by the UKs Technical Authority, the National Centre for Cyber Security ("NCSC").
- Develop an understanding of Government's strategic direction for cyber resilience within the energy sector by collaborating closely with the Department for Energy Security and Net Zero ("DESNZ") as the joint CA and engaging with key stakeholders interested in energy (cyber) security for the sector to:
- develop and maintain guidance for external organisations (primarily OES), to support the improvement of cyber resilience for the sector
- to identify key security risks to the network and information systems used by the DGE sector
- create and clearly communicate Ofgem's security expectations to industry, providing expert guidance to operators and their supply chain on interpreting such statements into meaningful and appropriate security requirements
- Provide expert advice on security architecture implications of technological trends when applied to existing systems and how innovative technologies change the security approach required
- Attend and when appropriate provide expert input to Specialist Interest Groups to share security best practice across the sector
- Follow a methodical and repeatable approach to reviewing the effectiveness of an OESs security management system and describe that approach
- Work with key stakeholders (primarily the NCSC) to help shape new and innovative security architecture guidance for OES and others to re-use
- Effectively communicate difficult risk and security concepts in accessible ways that can be clearly understood by business leaders. Contribute to and develop risk communication strategies
- liaise with DESNZ to support designation and successful onboarding of OES into a regulatory regime.
- Effectively communicate difficult risk and security concepts in accessible ways that can be clearly understood by business leaders. Contribute to and develop risk communication strategies
- Work with key stakeholders (primarily the NCSC) to help shape new and innovative security architecture guidance for OES and others to re-use
- Follow a methodical and repeatable approach to reviewing the effectiveness of an OESs security management system and describe that approach
- Attend and when appropriate provide expert input to Specialist Interest Groups to share security best practice across the sector
- Provide expert advice on security architecture implications of technological trends when applied to existing systems and how innovative technologies change the security approach required
- create and clearly communicate Ofgem's security expectations to industry, providing expert guidance to operators and their supply chain on interpreting such statements into meaningful and appropriate security requirements
- to identify key security risks to the network and information systems used by the DGE sector
- develop and maintain guidance for external organisations (primarily OES), to support the improvement of cyber resilience for the sector
- Develop an understanding of Government's strategic direction for cyber resilience within the energy sector by collaborating closely with the Department for Energy Security and Net Zero ("DESNZ") as the joint CA and engaging with key stakeholders interested in energy (cyber) security for the sector to:
- Continue your professional development whilst at Ofgem to enable you to grow and deliver more.
- Manage key stakeholder relationships, both internally and externally. Identify and develop new relationships with partners where required
- Support the wider CA inclusive corporate leadership, using your expertise to provide comprehensive knowledge sharing, support and development that demonstrate commitment to Ofgem values.
- Engage with key internal and external stakeholders responsible for organisational and architectural decisions that impact the security of our energy infrastructure to reach and influence a wide range of people across larger teams and communities who collectively are responsible for shaping our energy systems. Supporting safe and secure operation of our critical energy infrastructure now and into the future.
- Facilitate effective information sharing across the downstream gas and electricity ("DGE") sector to accelerate implementation of cyber security best practices. Assuring understanding of expectations for security are communicated to stakeholders in line with Governments cyber (security) strategy.
- Analyse and assess the security posture of OES to identify common security risks affecting the sector. Establishing effective partnerships with relevant Security, Intelligence and Law Enforcement Agencies, other Regulators and energy sector partners to address these concerns (e.g. DESNZ, NESO, NCSC).
- Support development and maintenance of a repository of recognised cyber security practice for use internally by the cyber regulatory team or externally with organisations whom Ofgem regulate for management of security risk to network and information systems.
Role Criteria:
Essential
- SQEP demonstration. We recognise a wide range of qualifications that can support demonstration of competency and value industry specific experience. Ideally this would be supported by relevant professional qualification(s) (level 6 or higher) in either an engineering discipline coupled with experience in cyber security or, a cyber security qualification with a demonstrable specialism (e.g. GICSP) or industry certification relating to the security of cyber physical systems that aligns with technologies used within the energy sector (or relevant CNI sector (LEAD)
- Demonstrable experience using and applying security frameworks and or technical standards e.g. NCSC CAF, NIST CSF, ISO 27K, CIS Controls, IEC/ISA 62443 to support practise (LEAD)
- Able to achieve and maintain SC clearance
- Experience of major project / programme delivery for major infrastructure design and build with a focus on security of cyber physical systems
- Client-facing experience, including negotiation, advisory and coaching skills (internal or external).
Working knowledge and understanding of:- The Network and Information Systems Regulations 2018 (NIS Regulations) and the NCSC's Cyber Assessment Framework and CAF collection
- Risk management practices for information / operational security risk assessment and business continuity.
- Experience of major project / programme delivery for major infrastructure design and build with a focus on security of cyber physical systems
- Able to achieve and maintain SC clearance
- Demonstrable experience using and applying security frameworks and or technical standards e.g. NCSC CAF, NIST CSF, ISO 27K, CIS Controls, IEC/ISA 62443 to support practise (LEAD)
We'll assess you against these behaviours during the selection process:
- Changing and Improving
- Making Effective Decisions
- Seeing the Big Picture
- Working Together
We'll assess you against these technical skills during the selection process:
- Please refer to the Candidate Pack and Role Profile attached for full details.
Alongside your salary of £47,895, OFGEM contributes £13,875 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
Ofgem can offer you a comprehensive and competitive benefits package which includes; 30 days annual leave after 2 years; Excellent training and development opportunities; The opportunity to join the generous Civil Service pension which also includes a valuable range of benefits; Hybrid working, flexible working hours and family friendly policies. Plus lots of other benefits including clean and bright offices based centrally, engaged networks and teams and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.
Things you need to know
Selection process details
This vacancy is using Success Profiles (opens in a new window) , and will assess your Behaviours, Experience and Technical skills.
When you press the 'Apply now' button, you will be asked to complete personal details (not seen by the sift panel), your career history and qualifications.
You will then be asked to provide a 1250 word 'personal statement' evidencing how you meet the essential and desirable skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your supporting statement, how you meet each of the essential and desirable skills and capabilities.
The Civil Service values honesty and integrity and expect all candidates to abide by these principles. Ofgem take any incidences of cheating very seriously. Please ensure all examples provided are of your own experience. Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant applications will be withdrawn from the process.
Feedback will only be provided if you attend an interview or assessment.
Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window) .
See our vetting charter (opens in a new window) .
People working with government assets must complete baseline personnel security standard (opens in new window) checks.
Nationality requirements
This job is broadly open to the following groups:
- UK nationals
- nationals of the Republic of Ireland
- nationals of Commonwealth countries who have the right to work in the UK
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
- nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
- individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
- Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Working for the Civil Service
The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window) .
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
Diversity and Inclusion
The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window) .
-
Director of Regulatory Writing
2 days ago
Glasgow, Glasgow City, United Kingdom Complete Regulatory | An IPG Health Company Full timeWho are we?Complete Regulatory is part of IPG Health Medical Communications, home to the world's most celebrated and awarded Med Comms agencies. We are 800 experts obsessed with combining science, creativity, and technology to create exceptional medical communications solutions for our clients.What do we do?At Complete Regulatory, we provide class-leading...
-
Stakeholder, Comms and Policy Lead
2 days ago
Glasgow, Glasgow City, United Kingdom Buchan Offshore Wind Full timeBuchan Offshore Wind is the developer of a major floating offshore wind farm 75 km to the northeast of Fraserburgh on the Aberdeenshire coast. With an anticipated capacity of close to 1GW and a connection date of 2033, the project would feature up to 70 turbines and has the potential to generate the equivalent of the annual power needs of some 1.4 million...
-
Mortgage Advisor
1 day ago
Glasgow, Glasgow City, United Kingdom Merlin Mortgages Full timeJob Description Experienced and qualified mortgage advisors urgently requiredWe are looking to recruit experienced and qualified Mortgage Advisors, to join our busy telephony team in our Glasgow mortgage centre. We are rapidly expanding our mortgage teams due to exceptional customer demand.Our advisors are supplied with quality new pre-qualified leads on a...
-
Secure Care Practice Development Advisor
2 weeks ago
Glasgow, Glasgow City, United Kingdom University of Strathclyde Full timeSalary range : £46,485 - £56,921FTE : 1Terms : Fixed Term for 12 months with a possible extension in line withScottish Government fundingClosing date : 21/04/2025The Children & Young People's Centre for Justice (CYCJ) is looking to recruit a full-time Practice Development Advisor to lead on our secure care workstream. The post is for someone with...
-
Head of Regulatory
2 weeks ago
Glasgow, Glasgow City, United Kingdom Iconic Resourcing Full timeHead of Regulatory ComplianceFlexible Location | Edinburgh | Glasgow | London | Hybrid | Full or Part-time ConsideredIconic Resourcing is proud to be partnering with a highly regarded professional services firm in their search for a Head of Regulatory Compliance. This is an exceptional opportunity for an experienced compliance professional to lead and shape...
-
Mortgage Advisor
4 weeks ago
Glasgow, Glasgow City, United Kingdom ASPIRE SEARCH CONSULTANTS LLP Part timeMortgage Advisor / whole of the market / Glasgow / £31,500 FTE basic salary (OTE £60,000 - over £100,000) plus excellent benefits / part timeWe are working on an exclusive basis with our client, a highly regarded mortgage broker, to secure a top performing mortgage advisor for their busy office in Glasgow on a part time basis.This award-winning whole...
-
Mortgage Advisor
3 weeks ago
Glasgow, Glasgow City, United Kingdom ASPIRE SEARCH CONSULTANTS LLP Part timeMortgage Advisor / whole of the market / Glasgow / £31,500 FTE basic salary (OTE £60,000 - over £100,000) plus excellent benefits / part timeWe are working on an exclusive basis with our client, a highly regarded mortgage broker, to secure a top performing mortgage advisor for their busy office in Glasgow on a part time basis.This award-winning whole...
-
Security & Compliance Manager
2 days ago
Glasgow, Glasgow City, United Kingdom Encompass Corporation Full timeSecurity & Compliance ManagerDepartment: Business OperationsEmployment Type: Full TimeLocation: GlasgowDescriptionEncompass enables fast, accurate identity validation and verification of corporate customers, and a gold standard approach to KYC. Our award-winning corporate digital identity (CDI) platform incorporates real-time data and documents from...
-
Mortgage Advisor
2 weeks ago
Glasgow, Glasgow City, United Kingdom ASPIRE SEARCH CONSULTANTS LLP Full timeMortgage Advisor (New Build) / whole of the market / Glasgow / £30,000 - £45,000 basic salary (OTE £70,000 - over £100,000) plus excellent benefits / Hybrid working / full timeWe are working on an exclusive basis with our client to secure a top performing Mortgage & Protection Advisor to join their new build department in Glasgow.This exciting...
-
Lead Cyber Security Consultant
1 day ago
Glasgow, Glasgow City, United Kingdom SR2 REC LTD Full timeJob Description Lead Cyber Security Consultant (Hybrid - Glasgow)We've partnered with an innovative fintech company based in Glasgow that's looking for a Lead Cyber Security Consultant to help shape their security landscape and protect their cutting-edge platforms. This role offers a unique blend of strategic influence and hands-on technical work, ideal for...
-
Information Security Manager
2 days ago
Glasgow, Glasgow City, United Kingdom Nine Twenty Recruitment Full timeWe are seeking a highly skilled IT Security Manager with strong network security expertise to lead our cybersecurity strategy, protect IT infrastructure, and mitigate security risks. This role requires a proactive leader who can design, implement, and maintain security policies, frameworks, and solutions to safeguard our organization against cyber...
-
Mortgage Advisor
3 weeks ago
Glasgow, Glasgow City, United Kingdom Root-10 Limited Full timeJob Title: Mortgage Broker (Permanent)Location: ScotlandCompany: Root-10 AdvertisingAbout Us:Root-10 Advertising is a leading recruitment agency specializing in finding top talent for businesses across various industries. We work with companies who are looking for exceptional professionals, and one of our clients, based in Scotland, is seeking an experienced...
-
Data Privacy Advisor
2 days ago
Glasgow, Glasgow City, United Kingdom Barclays UK Full timeBarclays are seeking an experienced and dedicated Data Privacy Advisory professional to join our team. You will play a crucial role in strengthening our first line of defence by ensuring the effective implementation of data privacy requirements across the organisation. In this role, you will provide expert advice on global data privacy regulations, with a...
-
Insurance Helpdesk Advisor
1 day ago
Glasgow, Glasgow City, United Kingdom Connections Recruitment Full timeJob Description We are seeking a proactive Protection Insurance Helpdesk Advisor (non-sales) to assist brokers and advisers by providing guidance on eligibility criteria and policy suitability. This role requires a customer-focused individual with a strong understanding of protection insurance products, ensuring that brokers receive accurate technical...
-
Lead Cyber Security Engineer
3 weeks ago
Glasgow, Glasgow City, United Kingdom Bright Purple Full timeLead Cyber Security Engineer – Circa £80,000 – Glasgow hybrid. Are you an experienced Cyber Security Engineer looking for a strategic leadership role where you can take ownership and define a company's cyber policies, procedures and training required to future proof a scaling B2B Fintech? This is a leadership role for somebody who can be hands on when...
-
OT Security Analyst
12 hours ago
Glasgow, Glasgow City, United Kingdom SSE Full timeBase Location:Glasgow, Eurocentral, Perth Salary: £40,600 - £61,000 + performance-related bonus + a range of benefits to support your finances, wellbeing and family. Working Pattern: Permanent | Full Time | Flexible First options available The role Reporting to the OT Resilience Manager, theOT Security, Resilience and Compliance Analyst will support the...
-
Senior Lead Software Engineer
2 weeks ago
Glasgow, Glasgow City, United Kingdom TN United Kingdom Full timeSocial network you want to login/join with:Senior Lead Software Engineer - PL/SQL, GlasgowLocation: Glasgow, United KingdomJob Category: OtherEU work permit required: YesJob Reference:db5b1047d65aJob Views:15Posted:14.03.2025Expiry Date:28.04.2025Job Description:Be an integral part of an agile team that's constantly pushing the envelope to enhance, build,...
-
Senior Lead Software Engineer
1 day ago
Glasgow, Glasgow City, United Kingdom TN United Kingdom Full timeSocial network you want to login/join with:Senior Lead Software Engineer - PL/SQL, GlasgowLocation: Glasgow, United KingdomJob Category: OtherEU work permit required: YesJob Reference:db5b1047d65aJob Views:15Posted:14.03.2025Expiry Date:28.04.2025Job Description:Be an integral part of an agile team that's constantly pushing the envelope to enhance, build,...
-
Lead Cyber Security Engineer
4 weeks ago
Glasgow, Glasgow City, United Kingdom Bright Purple Full timeLead Cybersecurity Engineer Circa £80,000 Glasgow hybrid. Are you an experienced Cybersecurity Engineer looking for a strategic leadership role where you can take ownership and define a companys cyber policies, procedures and training required to future proof a scaling B2B Fintech? This is a leadership role for somebody who can be hands on when...
-
Senior Customer Service Advisor
7 hours ago
Glasgow, Glasgow City, United Kingdom Northgate Vehicle Hire Limited Full timeSenior Customer Service AdvisorReference: MAR20252475Expiry date: 12:15, Thu, 10th Apr 2025Location: GlasgowBenefits: A superb range of Exclusive, Colleague only Benefits and Discounts.Salary: £27,102 pa + bonus up to £2,046 pa OTEWeekly Hours: 42.5 hoursAs the UK's leading vehicle rental specialists, we make a commitment to keep our customers' businesses...
