Cyber Security Policy and Standards Manager

Westinghouse Electric

Preston

Hybrid

GBP 80,000 - 100,000

Full time

30+ days ago

Job summary

A leading nuclear energy firm is seeking a Cyber Security Policy and Standards Manager to develop and oversee cybersecurity policies within the UK Nuclear industry. The ideal candidate should have a Bachelor's degree in Cybersecurity or a related field, along with a strong background in policy management in regulated environments. This role is vital for ensuring compliance and protection against cyber threats. The company offers attractive remuneration and various benefits to support employees.

Benefits

Attractive remuneration
Peer-to-peer recognition program
Life insurance
Pension plan
Employee Assistance Program

Qualifications

  • Strong background in cybersecurity policy management within regulated sectors.
  • Knowledge of cybersecurity frameworks including ISO 27001 and NIST.
  • Industry certifications such as CISSP, CISM, or CISA are a plus.

Responsibilities

  • Lead the development, implementation, and governance of cybersecurity policies.
  • Monitor changes in cybersecurity laws and regulations.
  • Oversee incident response protocols aligned with cybersecurity policies.

Skills

Cybersecurity policy management
Risk management
Incident response
Knowledge of ISO 27001
Understanding of UK nuclear security requirements

Education

Bachelor's degree in Cybersecurity, Information Technology, or a related field

Tools

Cybersecurity frameworks

Job description

Overview

Welcome to the future of nuclear energy, where Westinghouse Electric Company is leading the field with expertise and innovation to shape the power of tomorrow.

At Westinghouse, innovation is in our DNA. We are creative. We think differently. We reimagine the possible across the nuclear industry every day.

As a Cyber Security Policy and Standards Manager you will lead the development, implementation, and governance of cyber security policies and standards across the UK Nuclear industry organisation.

This role is crucial for ensuring that all cybersecurity practices and procedures are compliant with both regulatory requirements and industry best practices, providing robust protection against cyber threats within the highly regulated nuclear sector.

You will report to the Chief Information Security Officer (CISO) and be located at Springfields Fuel Site.

Key Responsibilities

  • Design, implement, and continuously improve cybersecurity policies, procedures, and standards aligned with national and international nuclear industry regulations (e.g., NISR, UK NIS Directive).
  • Monitor changes in cybersecurity laws, regulations, and government policies relevant to the nuclear sector. Ensure alignment with frameworks such as ISO 27001, NIST, and other applicable standards.
  • Identify and assess cybersecurity risks, ensuring policies address threats to sensitive nuclear data and critical infrastructure, including both operational and strategic risks.
  • Establish a process for regularly reviewing and updating internal cybersecurity policies and standards to reflect evolving technologies, emerging threats, and business needs.
  • Collaborate with the Cyber Security Awareness team to ensure policies and standards are understood across the organisation. Deliver training and guidance to employees at all levels.
  • Oversee the development of incident response protocols aligned with cybersecurity policies. Manage escalation and resolution of security incidents and maintain communication with regulatory bodies.
  • Partner with senior leadership, IT, legal, compliance, and risk teams to embed cybersecurity standards into the organisation's strategy. Liaise with external auditors and regulators to maintain a strong security posture.
  • Lead internal and external audits of cybersecurity practices. Recommend improvements based on audit findings, incidents, and threat intelligence.
  • Maintain comprehensive documentation for cybersecurity policies, procedures, and compliance reports. Present findings to internal stakeholders and regulatory authorities.

Qualifications

  • Bachelor's degree in Cybersecurity, Information Technology, or a related field.
  • Strong background in cybersecurity policy management within regulated sectors such as nuclear, energy, or critical infrastructure.
  • Knowledge of cybersecurity frameworks, regulations, and standards including ISO 27001, NIST, Cyber Essentials, and NISR.
  • Understanding of UK nuclear industry security requirements and regulatory landscape.
  • Skilled in risk management, incident response, and ensuring regulatory compliance.
  • Familiarity with security governance in Critical National Infrastructure (CNI) environments.

Additional Qualifications

  • Industry certifications such as CISSP, CISM, or CISA.
  • Postgraduate qualification in a relevant field.

Why Westinghouse?

We know that to put forth your best effort, you need to be challenged and enjoy what you do in a supportive and respectful environment. We aim to maintain this balance by offering our employees the amenities, benefits and training they need to reach personal and professional goals.

Below is an example of what employees in the UK can expect:

  • Attractive remuneration
  • Great benefits for your convenience and safety:
    • Peer-to-peer recognition program.
    • Life insurance
    • Pension plan
    • Employee Assistance Program: confidential counseling and resources for employees, eligible dependents, and household members
  • Learning and development opportunities.
  • We encourage our employees to participate in community service events and other team-building activities to strengthen their bonds and inspire each other.

You can learn more about Westinghouse by visiting http://www.westinghousenuclear.com.

Westinghouse is an Equal Opportunity Employer including Veterans and Individuals with Disabilities.
