Vulnerability Analyst - NESO

About the Role

National Energy System Operator (NESO) is on a journey towards a sustainable and secure energy future. Together we build on this momentum, advancing the Electricity System Operator’s (ESO) plan for zero carbon operability of the electricity system by 2025.

Within the scope of the NESO Security team a new capability is being created, which will provide industry leading vulnerability management during our transformation and beyond to day-to-day operations. This exciting opportunity will allow the post holder to help deliver a cutting-edge vulnerability management service, within ESO, and will play a pivotal role in supporting its evolution in support of the NESO Security strategy.

 
The Vulnerability Analyst will, as part of a team, identify, assess, prioritise, and organise remediation of vulnerabilities, while spearheading process improvements within the function, leveraging technological advancements within the field. The post holder will use their collaboration and communication skills to share their vision with other stakeholders, both external and internal, ensuring the capability is delivered appropriately. They will also foster a proactive security culture and help strengthen the organisation’s resilience by effectively delivering an essential area of a comprehensive cyber defence in a rapidly changing threat landscape.

This role can be based from Wokingham or Warwick, and we continue to offer hybrid working from office and home.

About us

Traditionally, Britain’s energy system has been split into two areas – gas and electricity – but to ensure that Britain’s energy system is secure and affordable there needs to be co-ordination across the whole energy system, with one single entity responsible for translating policy into immediate strategy. National Energy System Operator (NESO) will bring unparalleled change.

Forge a path to a sustainable future for everyone.
Your energy, our future, together.

About the National Energy System Operator (NESO)
In Autumn of 2024, the ESO transitioned to National Energy System Operator, or NESO for short. Previously denoted as the Future System Operator (or FSO), the new National Energy System Operator is the independent body responsible for planning Great Britain’s electricity and gas networks and operating the electricity system.  

The ESO, including all of its existing roles, are now at the heart of the new National Energy System Operator. As NESO, we will build on our existing roles, capabilities, and ways of working significantly to create an organisation the energy system and its users’ need. Our new capabilities will enable us to look across vectors, including electricity, natural gas and hydrogen, and crucially consider the trade-offs between them. 

The organisation is set up as a public corporation with its own Board of independent directors, with complete operational independence from government, the regulator and any and all commercial interest. As was the ESO, NESO will be licenced and regulated by Ofgem through price control agreements and obligated to identify optimal solutions to system operations and planning in the most sustainable, affordable and secure way for all. 

The time to deliver is now. As part of our team, you won’t just be touching the lives of almost everyone in Great Britain – you’ll be shaping the way we use and consume energy for generations to come.

Key Accountabilities

• Help deliver, maintain, and improve the vulnerability management program for the organisation. 
• As part of a team, identify, assess, prioritise, and organise remediation of vulnerabilities across the IT infrastructure, systems and applications. 
• Coordinate and collaborate with internal and external stakeholders, such as IT teams, business units, vendors, auditors, and regulators. 
• Help develop and implement vulnerability management policies, standards, procedures, and best practices. 
• Provide help with vulnerability management projects, initiatives, and strategies. 
• As part of a team, conduct vulnerability assessments, scans, tests, and reviews. 
• Help to scope and organise penetration testing for applications and infrastructure within the business 

About You

• A desire to take on an exciting and challenging role, remaining engaged with the team deliverables while learning and growing as an analyst. 
• Team player and adept at working in multi-disciplinary and diverse teams. 
• Proven analytical skills and capable of solving new and complex problems. 
• Experience in scripting or programming (Python, Bash, PowerShell, Etc) – desirable but not required  
• Understanding of CVE, CVSS and security assessment tools. 
• Hands-on experience with vulnerability scanning tools. 
• Excellent written and verbal communication skills with the ability to communicate the impact and importance of detailed technical information to non-technical and senior audiences.  
• Awareness of current and emerging cyber threats, trends, and best practices 

What You'll Get

A competitive salary between £42,000 – 50,000 – dependent on experience and capability.

As well as your base salary, you will receive a bonus based on company performance, 26 days annual leave as standard and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. 

You will also have access to a comprehensive benefits package tailored to support your well-being and professional success. From a competitive salary to flexible work arrangements, we promote your work-life balance. Enjoy fit for purpose wellbeing and lifestyle offerings, ongoing skill development aligned to our Purpose and Values, and be part of a supportive community that values your individuality and where you can belong.

More Information

We work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.

 
We're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.