Log In Sign Up

Cyber Assurance Analyst

Premium Job From Ofgem

Recruiter

Ofgem

Listed on

29th April

Location

UK

Salary Notes

London £35,070-£48,561 National £32,498-£45,831. Please ensure that you read the Pay and Reward information for Civil Service and internal colleagues before applying.

Type

Permanent

This job has now expired please search on the home page to find live IT Jobs.

Ofgem is dedicated to securing an affordable and environmentally sustainable energy supply for every UK household and business. Playing a vital role in the transition to Net Zero, our work positively impacts consumers and the environment, contributing to a carbon-neutral energy system.

We're seeking an exceptional Cyber Assurance Analyst. Its primary function is to oversee, assist, report, and provide guidance in adherence to the regulatory framework. The goal is to guarantee the resilience of operational systems and networks within the electricity and downstream gas sectors in Great Britain, owned and/or managed by operators of essential services, against cyber and related security threats.

Working closely with the Cyber Regulation Team, Leadership Team, Enforcement Team and Legal Team, you will contribute to developing a cyber assurance framework, encompassing activities like inspection, exercises, and testing for energy sector cyber resilience.

Your key responsibilities include assisting in scoping, conducting, and procuring cyber inspections, exercises, and testing trials. You will Interpret penetration test findings and engage with internal and external stakeholders for cyber security assurance in alignment with policies and regulations.

You will contribute to reviewing and interpreting assurance reports, aiding in remediation action plan creation, utilise expertise to support external providers of penetration testing services, assist in assessing sector systemic risks for prioritised testing, support organisations in complying with regulations, policies, procedures, and guidelines for assurance activities, record outputs and decisions from assurance activities, including incidents for potential enforcement processes and mentor and support Cyber Associates.

Ofgem provides highly adaptable working practices, facilitating a successful balance between work and life commitments. The organisation boasts a positive culture, characterised by an approachable and amiable senior leadership team dedicated to supporting employees in their roles. Ofgem actively fosters an inclusive environment that values, supports, and celebrates the diverse voices and experiences of its colleagues.

Join Ofgem and contribute to shaping the future of energy regulation and sustainability. Apply now and be part of a dynamic team committed to making a positive impact.

#LIRemote

Job description

Ofgem is committed to making a positive difference for energy consumers through effective regulation of the market and close working with suppliers to ensure sustainable energy for consumers and businesses in the UK. 

It is vital that operational systems and networks in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats. 

This role will be within the Cyber Profession's Cyber Regulation Team of at Ofgem who act as Competent Authority (CA) for implementing regulations for Operators of Essential Services (OES), to improve security and resilience in the Downstream Gas and Electricity (DGE) sector. 

The key purpose of the role is to monitor, support, report and instruct against the regulatory frameworks such as the NCSC Cyber Assurance Framework to ensure operational systems and networks owned and/or managed, by Operators of Essential Services, in the electricity and downstream gas sectors in Great Britain, remain resilient against cyber and related security threats. 

Candidates with Operational Technology, Industrial Automation and Control System or other relevant downstream gas and electricity industry experience are encouraged to apply. 

Key Responsibilities 

  • Support DGE organisations and industry to better comply with regulation, policies, procedures and guidelines. 
  • Contribute to the review and interpretation of items such as self-assessment reports, improvement plans, remediation plans and cyber investment plans.  
  • Contribute to DGE sector assurance activities. 
  • Produce and maintain documentation with a high degree of accuracy and consistent quality.
  • Support incident reporting functions. 

Person specification

Key Outputs and Deliverables 

  • Record outputs and decisions from engagement or assurance activities and meetings. 
  • Attend and engage on regular meetings with 3rd parties. 
  • Record outputs from analysis of evidence. 
  • Analysis data and produce reports. 
  • Maintain trackers and schedules.  
  • Update guidance documentation. 

 Essential Criteria

  • [Lead criteria] Must be able to achieve and maintain SC clearance.  
  • [Lead criteria] Proven work experience as a Cyber Analyst or similar role with demonstrable experience of the following activities: 
  • Reviewing cyber security data and making recommendations.  
  • Client-facing experience. 
  • Excellent writing skills evidenced through report writing or similar. 
  • Extensive experience working collaboratively with diverse colleagues.  
  • Experience of indirect or direct line management such as coaching and mentoring junior colleagues. 

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below:

Google Chrome
Google Chrome
 Opera
Opera
 Mozilla Firefox
Mozilla Firefox