OT Cyber Risk Analyst

About the role

National Grid Electricity Transmission (NGET) is at the heart of energy in the UK. The electricity we provide gets the nation to work, powers schools and brings energy to life. Our energy network connects the nation, so it is essential that it is continually evolving, advancing, and improving.  We’re passionate about both operating our network safely and providing highly reliable quality of supply for our customers. At the heart of achieving these outcomes is the effective control and operation of our network. 

As Operational Technology (OT) Cyber Risk Analyst, you’ll be part of a meaningful mission of securing critical systems to enhance and ensure the resilience and security of the nation's electricity transmission systems. 

Providing decision-support information to help NGET make better strategy and investment choices for security, you’ll work directly with stakeholders in a variety of different business environments to ensure OT Cyber risks are appropriately analysed, prioritised, documented and reported.

You’ll be part of the wider NGET Control & Cyber Strategy team, supporting risk monitoring and reporting to continually refine risk positions according to changes in threat and control environments.  You’ll analyse and measure cyber risks against changing risk management processes, ensuring that risk treatment plans are proportionate to the risk and in line with NGET’s security & resilience strategies.

Further responsibilities:

• Add and maintain risks in the OT risk register, leveraging quantified threat, control, forecasts and vulnerability data to describe and measure.
• Drive risk assessments of the OT Network using risk frameworks such as IEC 62443.
• Perform monthly risk reporting of new, changed, or reassessed risks.
• Support the discussion and development of risk treatment options with relevant stakeholders.
• Ask the ‘right questions’ to elicit the areas of risk not fully understood or realised and ascertain when these areas of risk need escalation to a wider audience.
• Ensure cyber risks are investigated, documented and triaged.

This role is based at our office in Warwick for 2 days per week and can be combined with hybrid working from home.

What you'll need

With experience in Cyber Security, you’ll be familiar with performing risk assessments and analysis, along with data analytics and data visualisation.

Previous experience of OT and familiarity with NIS-R standards and other related regulations is preferred, as is an understanding of IEC 62443. However, applicants with a strong background in IT or network cyber risk analysis with experience in cyber regulations (such as the ISO 27000 series or NIST CSF) and an ability to demonstrate gaining knowledge in new areas will also be considered.

You’ll need good written and verbal communication skills, interpersonal and collaboration skills, coupled with the ability to communicate security and risk-related concepts to technical and non-technical audiences.  Relevant security risk qualifications (i.e. CRISC, FAIR.) would be an advantage.

Analytical skills, high attention to detail and the ability to manage multiple projects under strict timelines is essential, as is the ability to generate reports that deliver key messages to senior stakeholders.

Proficiency in Power BI, experience with MITRE ATT&CK, and advanced knowledge of Excel would all be an advantage.

What's in it for you?

• A salary of up to £45,600 - £56,000 + Benefits package + Training and Development.
• Holiday package 26 days annual leave plus 8 statutory days, with the option to buy additional or sell holiday days. 
• Generous contributory pension scheme - we will double-match your contribution to a maximum company contribution of 12%. Overall 18%.
• Financial support to help cover the cost of professional membership subscriptions, course fees, books, exam fees and time off for study leave – relevant to your role. 
• Access to flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few. 
• Family care benefits including a back-up care service for when your usual care arrangements fall through (six paid days each year as standard with the option to purchase further days). 
• Access to apps that support health, fitness and wellbeing.

More Information

This role closes at midnight on 20th May 2025, however we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary. 

At National Grid, we are committed to building a diverse, inclusive and authentic workplace for everyone. So if you are excited about this role but your experience or qualifications do not match the job description exactly, we encourage you to apply anyway. You might just be the right person for our growing business in this role or another one.  

#LI-NB1

At National Grid, we work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.

Our goal is to drive, develop and operate our business in a way that results in a more inclusive culture. All employment is decided on the basis of qualifications, the innovation from diverse teams & perspectives and business need. We are committed to building a workforce so we can represent the communities we serve and have a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.