Cyber Security Architecture Lead

Location: Glasgow or Edinburgh

Salary: Circa £85,000 + Up To 20% Bonus + Family Medical Cover + Car Allowance + Double Match Pension

The role requires that the successful candidate can obtain UK Government Security Clearance.

Cyber security is a defining topic of our age, and cyber risk represents one of the most significant strategic risks to the UK's critical national infrastructure. At Scottish Power Energy Networks (SPEN) you will have the opportunity to approach this risk head on. SPEN has invested significantly in an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations and deliver a cyber‑resilient business.

Reporting into the Head of Cyber Security Architecture, the Lead Cyber Security Architect role is critical in ensuring delivery against the strategic security vision and the development and maintenance of associated security standards and documentation. The role will also ensure that all functions that rely on network and information systems are protected, resilient and prepared against cyber incidents.

The position requires the ability to identify opportunities to use technology to deliver secure services that are more effective. The role holder must be able to influence and communicate successfully with relevant parties inside and outside of the company while remaining accountable for the outcomes. The role holder works closely across all Infrastructure, Telecommunications, Security and Business IT teams and with wider Corporate Security to achieve key goals.

• Lead the delivery of the Security Architecture Plan and development of associated roadmaps, identifying new security capabilities to support overall NIS compliance, and taking responsibility for the development of these capabilities into fully defined cost‑effective security services.
• Provide effective leadership, motivation and task direction for security architecture domains including Data, Application, Identity and Access, AI and Cloud.
• Feed into the SPEN security strategy, ensuring alignment between security architecture frameworks and standards with overall business strategy.
• Participate in the sourcing strategy and collaborate closely with SPEN Procurement and Legal Teams to procure the required services to meet the Security Architecture Plan.
• Customer‑focused with a demonstrable track record of building relationships with senior and executive stakeholders, building strong and collaborative relationships with all key stakeholders inside and outside of the organisation.
• Ensure that security architecture supports at each stage of the delivery of new projects as indicated by the Secure by Design process.
• Take key ownership for the creation of security design documents and architecture artefacts.
• Interface with the relevant Design Authorities, providing security guidance at all times.
• Ensure consideration of asset management and data security best practice in relation to NIS regulations.
• Drive the adoption of secure designs, patterns and best practices.
• Keep abreast of the latest intelligence from sources of cyber threat information and brief stakeholders with actionable information.
• Contribute to security investment governance processes.
• Ensure performance management development of up to 4 direct reports.

• Demonstrated experience in managing relationships with senior stakeholders.
• Information risk assessment and risk management.
• Protective security and understanding of threats to OT.
• Identification, prioritisation and leadership of key security technology opportunities.
• Experience of understanding and managing aspects of cyber risk, including the assessment, analysis, and reporting of cyber risk in a business context.
• Knowledge and experience of delivering one or more of the following areas: enterprise architecture, infrastructure, or application architecture.
• Experience in defining and/or implementing security controls across multiple layers of the IT architecture stack.
• Motivational skills for team management.
• Ability to analyse problems, identify core issues and recommend appropriate solutions.
• Recognised cyber security qualifications (e.g. CISSP, CISM, NCSC CCP, M.Inst IISP, etc.).
• Recognised architecture qualifications (e.g. SABSA, TOGAF, etc.).

As well as a competitive salary reviewed annually, you can also enjoy a range of benefits. With our pension scheme we will double match your contribution up to a company contribution of 10%.

Benefits include:

• 36 days annual leave.
• Holiday Purchase – extra annual leave.
• Share Schemes.
• Payroll Giving and Charity Matched Funding.
• Technology Vouchers – save more and spread the cost of your technology purchases.
• Electric Vehicle Schemes – transition to green/clean driving.
• Cycle to Work scheme and Public Transport Season Ticket Loans.
• Healthcare benefit options: Dental Insurance, Private Medical Insurance, Health Cash Plan and annual Health Assessments.
• Life Assurance (4x salary).
• Access to Savesmart financial wellbeing support.
• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more.

SP Energy Networks is part of the Iberdrola Group, one of the world's largest integrated utility companies and a world leader in wind energy. We keep electricity flowing to homes and businesses through Central and Southern Scotland, North Wales and in the North West of England. We operate over 4,000 km of cables and lines that make up the transmission network – connecting infrastructure like wind farms into the electricity system. It is a role that puts us right at the heart of Scotland's ambition to be Net Zero by 2044. We are investing £5.5 billion into our transmission network, directly supporting the rapid growth needed in renewable energy. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you'll fit right in.

We are committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long‑term conditions, mental health conditions, or who are neuro‑divergent or require pregnancy‑related support. If you need support, please reach out to careers@scottishpower.com.

ScottishPower is an equal opportunities employer. The Company provides a vocational training programme and a variety of employment and career opportunities. The Company is committed to fair recruitment and employment. DSI allegations are prohibited.