Senior Cyber Security Risk Specialist

Overview

Are you ready to make a meaningful impact in the world of cyber security? UK Power Networks is seeking a Senior Cyber Security Risk Specialist to join the Information Systems directorate in either our London or Crawley office. Salary: up to 75,000.00 plus a 7.5% bonus.

Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You’ll report to the Cyber Security Governance, Risk & Compliance Manager and work closely with a group of 8-10 GRC professionals and expert partners. You’ll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. You will interact with senior management across IT, IS, the broader business, auditors, and third-party partners, translating technical risks into actionable recommendations.

Responsibilities

  • Conduct cyber security risk assessments using the UK Power Networks framework.
  • Identify, track, and remediate control environment risks; address third-party risks.
  • Produce management information and regulatory submissions; maintain compliance with major standards (e.g., ISO 27001/27002) and provide assurance for policy compliance.
  • Establish robust GRC policies and procedures; develop the IT controls framework; support business continuity and disaster recovery planning.
  • Operate and improve the information security management system; ensure ongoing legal and regulatory compliance (Cyber Essentials, NIS Regulations, Smart Energy Code).
  • Support the technical implementation of GRC tools.
  • Collaborate with internal and external partners to drive cyber maturity and enable ongoing license to operate through a strong security posture.

Qualifications

  • Practical experience in GRC, audit, or cyber security; relevant training in cyber risk assessment.
  • Knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security.
  • Professional certifications (e.g., CISSP, CompTIA, CISA, CISM, CRISC) or an academic background in information security.
  • Hands-on experience with compliance frameworks, IT/OT risk assessments, and audit engagements.
  • Familiarity with regulated environments, particularly in the energy sector, is advantageous.

Benefits

  • 25 days of annual leave plus bank holidays, reservist leave, and a generous pension plan.
  • Tenancy loan deposit and season ticket schemes; tax-efficient benefits; health support; retail discounts; employee assistance programme.
  • Commitment to health, safety, wellbeing, and equal opportunity with a diverse and inclusive workplace.

How to apply

If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, apply to view the full job description on our careers page. Closing date: 28/09/2025.

Location: Greater London, England, United Kingdom
Salary: £100,000 - £125,000
Job Type: Full-time
Category: Finance
