Cyber Compliance and Risk Specialist

Job Description

Gloucester Business Park - with flexibility of working from home, minimum 3 days a week in the office.

Are you a passionate cybersecurity professional ready to take the next step in your career? Do you have a strong analytical mindset, a willingness to learn, and a keen interest in protecting critical infrastructure? Are you a team player who thrives in a fast-paced environment where every day brings new challenges and opportunities to grow? If so, come and join EDF as a Cyber Compliance and Risk Specialist!

The Opportunity

As a Cyber Compliance and Risk Specialist, you’ll assist the IT Cyber Requirements Manager in maintaining, enhancing, and ensuring the security of IT assets across the nuclear power station fleet.

While continuously developing your expertise, you’ll provide support and guidance to the Central Technical Organisation and the fleet on network, system, and device security. This includes contributing to governance, design reviews, risk assessments, and incident response. Additionally, you’ll support broader Cyber Security team activities as needed.

The role offers a great opportunity to develop your cybersecurity expertise while contributing to the security and resilience of critical infrastructure.

Pay, benefits and culture

Alongside a starting salary of £55,000 and a market-leading pension scheme, your package will include a range of benefits, from the big and formal to the small and personal.

We’re talking about everything from enhanced parental leave to electric vehicle leasing, health insurance to product discounts, critical illness insurance to technology vouchers, gym membership to season ticket loans.

At EDF UK, we embrace flexibility while recognising that everyone's working needs are different. Whether you're in our office spaces, on site, or working remotely, we promote an environment that supports collaboration, connection, and comfort. No matter where you are, our priority is to make sure you feel safe, valued, and celebrated.

Here, we do right by each other and everyone’s welcome. We’re on an action-oriented journey, championing equity, diversity, and inclusion. We’d like our future workforce to have an equal gender balance, represent a broad mix of people from minority ethnic backgrounds, LGBTQ+, those with a disability and supporting social mobility.  

We’re a disability confident employer and we’ll do all we can to help with your application. Please let us know if you need to request reasonable adjustments.

We take pride in fostering a dynamic and inclusive environment, where the diverse backgrounds and experiences of our employees drive fresh thinking and innovation. We understand that success means different things to different people. We believe there are multiple definitions of what it means to succeed. That’s why we support you to pursue a career that’s unique to you. Because success is personal.

What you’ll be doing

You’ll assess and prioritise security vulnerabilities, manage access rights procedures, and develop policies for data lifecycle management, security, and protection. This includes implementing encryption standards, privileged access management, and backup procedures to ensure compliance with security policies and regulations.

You’ll be responsible for maintaining security controls, managing third-party security risks, and strengthening network and infrastructure protections. Your role will also involve identifying, evaluating, and mitigating security risks while ensuring the confidentiality, integrity, and availability of sensitive nuclear information.

Additionally, you’ll support the deployment of security patches, define resiliency requirements for critical services, and improve business continuity plans by learning from past incidents. You’ll also maintain records of security events to enhance future response strategies.

Who you are

You’ll have a strong analytical mindset, problem-solving skills, and a keen interest in Information Security. You’ll be inquisitive and eager to learn about cybersecurity threats, risks, tools, and methodologies while working towards securing IT assets across the nuclear power station fleet.

A background in STEM subjects at A-level or equivalent is essential and holding or working towards industry-recognised security certifications, such as GICSP, CISMP, or foundational cyber certifications like ISC2 CC or CompTIA Security+, would be advantageous.

You’ll have the ability to work independently, take initiative, and collaborate effectively as part of a team. Strong communication and teamwork skills are essential, as you’ll be engaging with various stakeholders to support security operations, risk management, and compliance efforts. Experience in access control, security policies, and vulnerability assessment will be beneficial in this role.

If this sounds like you then we’d love to hear from you!

Closing date for applications: 27th March 2025

#NuclearServicesJobs #HinkleyPointCJobs #LI-Hybrid #DestinationNuclear #EDFNuclearJobs

Additional Information

Success is personal. It's your journey, powered by us. Join us and we'll help Britain achieve Net Zero together.