Business Information Security Officer

Gloucester, GB

EDF

EDF is an energy provider, supplying electricity and gas to homes and businesses in the UK. Compare our energy prices, get a quote and switch. Our electricity is zero carbon.


At EDF, success is personal. Here you’ll develop a career that’s unique to you. Whether you want to move horizontally, deepen your specialty, or advance through the levels, it’s your journey, powered by us. Join us and be part of our mission to help Britain achieve Net Zero.

 

The Opportunity

 

As the Business Information Security Officer you will provide technical oversight and leadership in the assessment of Cyber risks to ensure the safe, reliable and ongoing operations of our nuclear power stations.  

 

You’ll be the technical controlling mind in assessing the impact of potential cyber events and prioritising EDF Nuclear Operations activities, and you’ll ensure the business is ready and able to identify, manage and recover from such events on behalf of the Licensee and Senior Information Risk Owner (SIRO).

 

This position is based out of Gloucester Business Park, working to a hybrid model with a mix of home and office working. Some travel will be required to other locations.

 

Pay, benefits and culture

 

Alongside a competitive salary from £90,000+ pa, we offer a competitive benefits package, including a company pension scheme, and a wide range of flexible benefits to suit your lifestyle.

 

At EDF UK, we embrace flexibility while recognising that everyone's working needs are different. Whether you're in our office spaces, on site, or working remotely, we promote an environment that supports collaboration, connection, and comfort. No matter where you are, our priority is to make sure you feel safe, valued, and celebrated. 

 

Here, we do right by each other and everyone’s welcome. We’re on an action-oriented journey, championing equity, diversity, and inclusion. We’d like our future workforce to have an equal gender balance, to represent a broad mix of people from minority ethnic backgrounds, LGBTQ+ and those with a disability, and to support social mobility.

 

We’re a disability confident employer and we’ll do all we can to help with your application. Please let us know if you need to request reasonable adjustments. 

 

We take pride in fostering a dynamic and inclusive environment, where the diverse backgrounds and experiences of our employees drive fresh thinking and innovation. We understand that success means different things to different people. We believe there are multiple definitions of what it means to succeed. That’s why we support you to pursue a career that’s unique to you. Because success is personal.

 

What you’ll be doing

 

Within this role, you will:

 

  • Develop and implement a business cyber strategy as agreed by the SIRO.
  • Support and create the implementation of security policies, standards, guidelines and processes, and monitor compliance against these requirements. If necessary, identify remedial actions where there is underperformance to mitigate risk.
  • Be responsible for the risk framework within Nuclear Operations according to the business risk appetite and work collaboratively with Operational Technology and IT risk owners, ensuring that the reporting and management of risk is in accordance with the cyber risk management framework.
  • Report KPI and risk indicators for escalation to the SIRO and EDF UK CISO (Chief Information Security Officer) to demonstrate effective controls and governance of the cyber security arrangements.
  • Provide regulatory reporting for cyber security and, as needed, engagement with relevant regulators and stakeholders such as Ofgem, DESNZ, ONR.
  • Embed the compliance regime with respect to applicable regulations and industry standards.
  • Assess and manage the improvement of security posture and control coverage and maturity.
  • Work with NISO (Nuclear Information Security Officer), EDF UK CISO and other BISOs to improve overall security posture of EDF UK collaboratively and consistently drive business outcomes across the group.
  • Provide oversight for Information & Cyber Security controls delivered in functional teams.
  • Actively promote security awareness to embed a strong cyber security culture in Nuclear Operations.

 

Who you are

 

You will have a solid understanding of information and cyber security risk principles coupled with strong business acumen and effective leadership skills underpinned by excellent written and oral communication.

 

You’ll have excellent interpersonal skills with the ability to empower and engage people at all levels, including senior stakeholders (Board, CISO), with senior leadership experience in cyber security management and/or GRC management, including proven experience of successfully leading high-performing teams.

 

You will be technically competent with an ability to influence senior leaders and internal stakeholders with excellent knowledge of risk assurance, industry security standards and frameworks, technical security principles, and risk management frameworks. Detailed knowledge of the Nuclear Operations Risk Management System and Processes is also key.

 

You’ll possess knowledge and experience of relevant regulations and policy including Nuclear Industries Security Regulations (NISR 2003) and Data Protection Act (2018) and knowledge of Industry Standard cyber security management frameworks such as NIST and CAF.

 

Your personal strengths will include being action orientated with a driven mentality, and being a problem solver with the ability to rapidly assimilate pertinent information from a variety of sources (written and spoken) and recommend/direct clear courses of action. Your experience of external stakeholder management and engagement at senior level with Government, regulators and other governmental agencies will be crucial to the role, as will experience in delivering projects within a technically complex and dynamic environment, ideally within the Nuclear or energy sector or a similar regulated environment.

 

As a minimum you will have an HNC qualification; a degree in a relevant subject is advantageous. SC level vetting is a requirement for this position.

 

For any questions or queries regarding this role, please get in touch with: hannah.clark@edfenergy.com

 

Applications for this role close on 9th December 2024, with interviews to be held on 19th & 20th December 2024.

 

Join us and together we can help Britain achieve Net Zero.

 

#DestinationNuclear #EDFjobs


Tags: BISO CISO Compliance Governance Monitoring NIST Nuclear Risk management RMF Strategy

Perks/benefits: Competitive pay Equity / stock options Flex hours Team events

Regions: Remote/Anywhere Europe
Country: United Kingdom
