We use cookies to improve your experience on our site. To find out more, read our privacy policy.

Our Ability Jobs

Job Information

National Grid Security Policy and Standards Lead - ESO in Warwick, United Kingdom

About the Role

Great Britain's electricity system is undergoing an ambitious, exciting and vital transformation. Together with industry, we are creating a cleaner, greener system, one that protects the planet and serves generations to come.

The Energy System Operator (ESO) are now looking for a Security Policy & Standards Lead. As the Security Policy and Standards Lead you will play a pivotal role in ensuring the robustness and effectiveness of our organisation's security posture. You will be responsible for developing, implementing, and maintaining comprehensive cyber, physical and personnel security policies, standards, and frameworks in alignment with industry best practices and regulatory requirements. Your expertise will be crucial in safeguarding our assets, maintaining regulatory compliance, and mitigating security risks.

This role can be based from Wokingham or Warwick, and we continue to offer hybrid working from office and home.

About Us

As Great Britain’s electricity system operator (ESO), we sit at the heart of the electricity system, using our outstanding engineering and commercial expertise to balance electricity supply and demand. Ultimately, we keep the electricity flowing directly to where it’s needed, second by second.

Becoming the Future System Operator

In 2021, government and Ofgem jointly consulted on proposals for an expert, impartial Future System Operator (FSO) with responsibilities across both the electricity and gas systems, to drive progress towards net zero while maintaining energy security and minimising costs for consumers. In October 2023, the Energy Act 2023 was passed, legislating for this Future System Operator to be created.

The ESO, including all of its existing roles, will be at the heart of the new Future System Operator. We will be taking on additional roles across vectors and sectors to create an organisation with a whole energy system mindset; enabling us to identify solutions to our energy system that are more sustainable, secure, and affordable for all.

The FSO will be set up as a public corporation with operational independence from government – bringing parties together to support optimised decision making and action. As now, it will be licenced and regulated by Ofgem through price control agreements. It is anticipated that the new organisation will be up and running in 2024.

The time to act on climate change is now. As part of our team, you won’t just be touching the lives of almost everyone in Great Britain – you’ll be shaping the way we use and consume energy for generations to come.

Key Accountabilities

  • Lead the development, review, and enhancement of security policies, procedures, and standards tailored to the organisation's unique requirements and risk landscape.

  • Design and implement cyber security frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS Controls, or other relevant standards to ensure a structured approach to security governance.

  • Stay abreast of evolving legal and regulatory requirements and ensure the organisation's cyber and physical security policies and practices align with applicable laws, regulations, and industry standards. Liaise with other ESO Policy leads to understand potential implications for Security.

  • Collaborate with cross-functional teams to understand areas of risk and non-compliance to ensure that policies and standards are effective, efficient and updated as necessary to ensure appropriate risk mitigation and compliance.

  • In collaboration with internal stakeholders, develop measurement, analysis, and reporting of security performance metrics and key performance indicators (KPIs) across the organisation. Align with internal requirements, industry standards and best practice.

  • Gather security-related data from various sources, including but not limited to security tools, logs, incident reports, and compliance assessments.

  • Develop and maintain a comprehensive reporting framework for security performance, including dashboards, scorecards, and regular reports tailored to different audiences, such as executive leadership, security teams, and business units.

  • Present reports and analysis in a clear, concise, and actionable manner

  • Provide insights into emerging risks, effectiveness of security controls, areas for investment/enhancement or areas of concern.

  • Benchmark security performance metrics against industry standards, peer organizations, and historical data. Identify opportunities for improvement by comparing performance against industry best practices and benchmarks.

  • Work with the Regulation team and Security Compliance Officer provide data and reporting required for external obligations, compliance with regulatory requirements, contractual obligations, and internal policies.

  • Drive continuous improvement efforts based on insights gained from security performance reporting. Work with stakeholders to prioritize initiatives and allocate resources effectively.

About You

  • Experience in security policies & standards, governance, risk & compliance activities, or related roles, preferably in a highly regulated industry such as energy, finance, government.

  • Understanding of security regulations, laws, and industry standards (e.g., NIS, GDPR, NIST CSF)

  • Strong understanding of security principles, practices, and technologies.

  • Experience in developing and implementing security performance metrics and reporting frameworks.

  • Analytical mindset, used to dealing with data to support business performance and reporting with a focus on problem-solving and continuous improvement.

  • Focus on automation and dynamic data driven performance measures, experience of collating data from tooling such as SIEM, GRC tooling etc.

  • Degree-level qualification or equivalent combination of education and experience in Information Security, Computer Science, Data Analytics, or related field, preferably with experience in a critical national infrastructure organisation

  • Security qualifications/certifications in appropriate areas are desirable but not necessary.

  • Strong project management skills, with the ability to manage multiple priorities and deadlines effectively.

What You'll Get

A competitive salary between £65,000 – 75,000 – dependent on experience and capability.

As well as your base salary, you will receive a performance driven bonus, 28 days annual leave as standard, and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%.

You will also have access to a comprehensive benefits package tailored to support your well-being and professional success. From a competitive salary to flexible work arrangements, we promote your work-life balance. Enjoy fit for purpose wellbeing and lifestyle offerings, ongoing skill development aligned to our Purpose and Values, and be part of a supportive community that values your individuality and where you can belong.

More Information

This role closes on 03/07/2024 at 23:59, however we encourage candidates to submit their application as early as possible and not wait until the published closing date as this can vary.

We work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office.

We're committed to building a workforce that represents the communities we serve, and a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.

#LI-BO1

#LI-HYBRID

DirectEmployers