Cyber Technical Workstream Lead

Cyber Technical Workstream Lead

ScottishPower HQ, Glasgow – hybrid working

Salary: £65-£82K plus (Up to 20% bonus, family healthcare & car allowance)

Permanent, Full Time

Help us create a better future, quicker

Joining ScottishPower within our Customer Business as a Cyber Security Workstream Lead, you’ll be responsible for delivering all technical aspects of the Retail Business Cyber Assurance workstream.

You’ll lead on all technical deliveries, vulnerability management and mitigating control delivery which feeds into the Cyber Assurance Strategy. You’ll focus on Digital and Energy Customer applications, and drive assurance activities interfacing with senior management whilst managing CAPEX/OPEX budget requirements associated with deliverables.

What you’ll be doing

You’ll provide expert security input to the Digital Asset and Application roadmaps, assessing current and target positions. Leading the delivery of large technical projects, you’ll manage a multidisciplined team supporting delivery and providing mentorship, as well as responsibility of million-pound CAPEX and OPEX budgets ensuring that these are kept within scope.

Report regularly to the Customer Business senior management team to ensure transparency of operational results, current progress on investment activities and effective risk management. Deputise for your line manager where required.

An understanding of multiple full technical stacks to enable effective impact assessment and effective dialogue with architecture, networking, security, operations, cloud, UNIX, DBAs, and application developers.

Assume accountability across the entire Retail business’ applications to deliver and maintain an operational control framework, manage a technical testing schedule, manage all involved party relationships and act as a key technical and operational specialist for all critical first line security controls.

Responsibilities include but are not limited to –

• Develop and create business cases to secure CAPEX investment for strategic projects

• Perform benchmarking of security posture and keep up to date with new technology and carry out proof of concepts to deliver security enhancements

• Develop and define security standards and best practice

• Oversee all audit activities to ensure compliance with internal standards and external regulations

• Report on key risk indicators and introduce mitigation plans where required

• Forecast future operating costs based on risk appetite and assurance roadmap

What you’ll bring

* The successful applicant for this role may be required to undergo and obtain a positive outcome from pre-employment screening in accordance with the requirements of British Standard BS7858.

The post holder will be degree educated, with significant experience of inputting into the IT security strategy of an organisation of similar size and scale to ScottishPower, and preferably hold relevant industry qualifications (e.g., CISSP, CISM and ISO27001).

You’ll have proven experience and knowledge of -

• Security Risk Management including the development, recommendation, and delivery of remediation plans

• Assessing technical designs across multiple IT/Digital disciplines and defining appropriate controls

• Lead a penetration testing and control assurance testing programme, mitigation plans where existing controls are deemed not fit for purpose

• Specialist security tools and their successful implementation

• Security best practice and understanding of vulnerability and risk management in an environment of mature security posture

• Estimating and managing CAPEX/OPEX budgets

• Key legislation and regulation impacting the delivery of IT strategy.

You’ll have a strong delivery focus, and leadership style particularly focussed on stakeholder management. High levels of integrity and discretion, and excellent communication skills, able to build effective relationships with key stakeholders. Strong influencing and negotiating where appropriate.

What’s in it for you

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%. 

At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that -  so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include:

• 36 days annual leave

• Holiday purchase – perfect your work/life balance with extra annual leave

• Share Incentive Plan and Sharesave Scheme

• Payroll giving and charity matched funding

• Technology Vouchers – save more and spread the cost of your technology purposes

• Count us in – pledge to reduce carbon emissions and help fight climate change

• Electric Vehicle Schemes – to help you transition to green/clean driving

• Cycle to Work scheme and public transport season ticket loans

• Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments

• Life Assurance (4x salary)

• Access to ‘nudge’ financial wellbeing support

• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why ScottishPower

ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in.

ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to careers@scottishpower.com.

Mobility

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.

IMPORTANT 

Advert will close at 23:59 GMT the day before Job Posting End Date below