Cyber Risk and Governance Manager

Cyber Risk and Governance Manager

Location: Glasgow

Salary: £65-82K (plus up to 20% bonus, family healthcare and car allowance)

Permanent, Hybrid

ScottishPower Energy Networks (SPEN) is seeking a dynamic and experienced professional to take on a pivotal role in shaping and managing our Cyber Security Risk team. This position is central to ensuring that cyber risks are effectively identified, assessed, and communicated across the business, supporting strategic decision-making and safeguarding our operational technology environments.

As the Cyber Security Risk & Governance Manager, you will define and maintain the policies, frameworks, and methodologies that underpin our cyber security posture. You’ll lead a dedicated team, driving forward key objectives aligned with SPEN’s Cyber Security Strategy, and work closely with senior stakeholders including the Head of Governance, Risk and Assurance, the Cyber Security Forum, and the Audit & Compliance Committee.

Your expertise will help establish and embed a robust Cyber Governance Model, ensuring that cyber security is governed consistently across all areas of the business. You’ll be instrumental in developing our Cyber Risk Profile, implementing data governance practices, and supporting the adoption of risk tooling. This role also involves producing governance and risk committee papers, managing exception procedures, and maintaining key risk and performance indicators.

Collaboration is key. You’ll build strong relationships across global and local teams, contribute to the global definition of cyber security strategy, and provide expert advice across SPEN’s business units and corporate functions. Your insights will inform assurance activities and help guide risk-based decisions at all levels.

We’re looking for someone with deep technical knowledge and industry-recognised qualifications such as CISSP, CISM, or GICSP. You should bring significant experience in cyber security risk management and governance, ideally within a global organisation and the UK energy sector. Familiarity with frameworks like ISO 27001 and IEC 62443, and an understanding of OT environments, are essential.

This is a unique opportunity to lead, influence, and make a tangible impact in a critical area of our business. If you’re ready to take on a strategic leadership role in cyber security and help shape the future of energy networks, we’d love to hear from you

What’s in it for you

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%.

At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that -  so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include:

• 36 days annual leave

• Holiday purchase – perfect your work/life balance with extra annual leave

• Share Incentive Plan and Sharesave Scheme

• Payroll giving and charity matched funding

• Technology Vouchers – save more and spread the cost of your technology purposes

• Count us in – pledge to reduce carbon emissions and help fight climate change

• Electric Vehicle Schemes – to help you transition to green/clean driving

• Cycle to Work scheme and public transport season ticket loans

• Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments

• Life Assurance (4x salary)

• Access to ‘nudge’ financial wellbeing support

• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why SP Energy Networks

SP Energy Networks is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. We keep electricity flowing to homes and businesses through Central and Southern Scotland, North Wales and in the North West of England. We operate over 4000km of cables and lines that make-up the transmission network – connecting infrastructure like wind farms into the electricity system. It’s a role that puts us right at the heart of Scotland’s ambition to be Net Zero by 2044. And we’re taking it very seriously. We’re investing >£5.5 billion into our transmission network, directly supporting the rapid growth needed in renewable energy. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in.

We are committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to careers@scottishpower.com.

Mobility

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.

IMPORTANT 

Advert will close at 23:59 GMT the day before Job Posting End Date below