Senior Cyber Risk Manager

As the Senior Cyber Risk Manager here at EDF, you will be responsible for providing organisational oversight, leadership, and delivery of risk management across EDF Business Units together with producing the aggregated EDF UK holistic risk management position.

• Identify and oversee the mitigation of cyber risks owned by the central Enterprise Information Security team, including identifying, managing, mitigating and reporting cyber‑related risks.
• Develop and manage the organisational Cyber Risk Management Framework, including related processes aligned with industry best practices and organisational capabilities.
• Develop risk‑management‑related policies and ensure alignment with regulation and wider EDF UK business policies.
• Oversee and govern organisational risk management, ensuring effective and comprehensive risk oversight and that risk owners actively manage and remediate risks.
• Monitor the efficiency and effectiveness of risk‑management processes across EDF UK and recommend continuous improvement, incorporating emerging risks such as AI and other disruptive technologies.
• Communicate the cyber risk position to stakeholders, attend senior risk forums and advise on addressing cybersecurity risks, fostering strong relationships and advocating the integration of cyber risk into all business processes.
• Build, maintain and manage risk tooling, currently ServiceNow Integrated Risk Management, to facilitate active risk management and maintain an up‑to‑date central risk register, ensuring continuous review and reporting to senior leaders.
• Work with the Assurance team to keep the Enterprise ISMS current and effective, ensuring cyber‑security controls are defined, deployed and gaps reported.
• Own the delivery of the EDF Enterprise risk position, drive operational risk practices and embed a proactive risk culture within central and business unit risk‑management teams.
• Work with and challenge businesses to create and maintain appropriate risk registers.
• Curate the aggregate risk position for the EDF UK business, covering cyber‑security top risks and control statements.
• Communicate the aggregated risk position to senior executive stakeholders.
• Lead the Cyber Risk Management Community of Practice to share best practice among EDF UK businesses.
• Stay current with emerging cyber threats, risk‑management techniques, and regulatory changes.

• Experience in risk‑management delivery within a large, complex, and regulated environment.
• Hands‑on delivery experience in the cyber‑security field, including implementing and managing technical or procedural controls in operational environments.
• Strong influence and persuasion skills with the ability to build trust‑based relationships.
• Experience working with external partners and ensuring controls are tested and improved in line with standards such as Cyber Essentials+, ISO27001, supplier‑related risk and third‑party assurance.
• Knowledge of identifying, assessing, and mitigating cyber risks with frameworks such as ISO 27001/27005, NIST, CAF, Cyber Essentials+ and understanding of security concepts and controls in both IT and OT environments.

• Salary negotiable depending on experience.
• Potential to earn a 10% bonus.
• 28 days holiday plus bank holidays and a market‑leading pension scheme.
• Enhanced parental leave, electric vehicle leasing, health insurance, product discounts, critical illness insurance, technology vouchers, gym membership, season ticket loans and more.
• Flexible working environment: office spaces, on site, or remote with support for collaboration, connection and comfort.

At EDF UK, we embrace flexibility while recognising that everyone's working needs are different. Whether you're in our office spaces, on site, or working remotely, we promote an environment that supports collaboration, connection, and comfort. No matter where you are, our priority is to make sure you feel safe, valued, and celebrated. We do right by each other and everyone's welcome. We're on an action‑oriented journey, championing equity, diversity, and inclusion, aiming for an equal gender balance and representing a broad mix of people from minority ethnic backgrounds, LGBTQ+, those with a disability and supporting social mobility. We are a disability confident employer and will help with your application. Please let us know if you need to request reasonable adjustments. We take pride in fostering a dynamic and inclusive environment, where the diverse backgrounds and experiences of our employees drive fresh thinking and innovation.