Senior Cyber Security Risk Specialist

UK Power Networks

London

Hybrid

GBP 63,000 - 75,000

Full time

Yesterday

Job summary

A leading energy distribution company is seeking a Senior Cyber Security Risk Specialist in London or Crawley. This pivotal role involves assessing cyber risks, mentoring staff, and ensuring compliance with standards like ISO 27001. The ideal candidate will have strong expertise in GRC and recognized professional certifications. Benefits include a competitive salary up to £75,000, 25 days annual leave, and health support initiatives. Apply to enhance your career in a collaborative environment.

Benefits

25 days annual leave
7.5% bonus
Generous pension plan
Employee assistance programme
Retail discounts

Qualifications

  • Practical experience in GRC, audit, or cyber security.
  • Knowledge of industry standards and operational controls.
  • Familiarity with compliance frameworks and IT/OT risk assessments.

Responsibilities

  • Conduct cyber security risk assessments using internal frameworks.
  • Mentor less experienced analysts and provide guidance.
  • Interact with senior management and auditors regarding risks.

Skills

Cyber security expertise
Risk management
Communication
Team collaboration

Education

Professional certifications (CISSP, CompTIA, CISA, CISM, CRISC)
Degree in Information Security or related field

Job description

Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office, with a competitive salary of up to £75,000.00 plus a 7.5% bonus.

Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations.

Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools.

Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture.

We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous.

Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level.

If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career. Your expertise could make all the difference. Click apply to view the full job description on our careers page, with a closing date of 28/09/2025.