Security Lead

EDF Energy is a core part of the EDF Group, one of the largest energy companies in Europe with key business operations in the UK, France, Italy and Belgium. We're the UK’s largest producer of low-carbon electricity, the biggest supplier of electricity by volume in Great Britain, the largest supplier to British businesses and we employ more than 13,000 people. We operate nuclear, coal and gas power stations, wind farms, and combined heat & power plants. We have a focus on safe, dependable energy generation and an ethos of service excellence. We are playing a leading role in new nuclear build in the UK to secure a bright future for the combined business and its employees.
Security Lead
EDF have an exciting opportunity for a Security Lead to join our growing Cyber Security Team in the UK.
The Opportunity…
Cybersecurity has a fundamental role to play in the success of the EDF UK core mission in helping Britain achieve Net Zero by promoting trust and confidence in the EDF UK brand and the safety of nuclear power, the availability of EDF UK Systems which are critical to the safe and effective nuclear operational excellence, and by protecting the data of our customers and sensitive nuclear information.
The Cyber Security Compliance team support business units by providing secure services and platforms to enable businesses to focus on their core missions. The Cyber Security Compliance team provide assurance that data is managed appropriately, and security controls remain effective ensuring value for money and an excellent customer experience.
Pay, benefits and culture
In addition to a starting salary of £50,000, potential to earn 5% bonus, 28 days of annual leave plus bank holidays and a market-leading pension scheme, we offer a range of flexible benefits to support our people across all aspects of their lives.
Your rewards package includes a choice of benefits, such as electric vehicle leasing, enhanced parental leave, health insurance, discounts and employee pricing.
Flexible working means you can work from home (if you wish) and we’ll provide a suite of IT equipment to ensure that you can work remotely comfortably and effectively. Location for this role is flexible with travel as required to meet business stakeholders or colleagues at our office in Gloucester once a month.
At EDF, everyone’s welcome. We strive to create an inclusive and diverse environment where everyone has a voice and where you feel confident being yourself. We’re committed to equality, diversity and inclusion. We’d like our future workforce to have an equal gender balance, represent a broad mix of people from minority ethnic backgrounds, LGBTQ+, those with a disability and supporting social mobility.
We’re a disability confident employer and we’ll do all we can to help with your application, making adjustments as you need.
We’ll value the difference you bring and offer opportunities for you to thrive and succeed.
What you’ll be doing
You will be supporting a small but high performing team focused on Compliance activities, reporting into the Compliance Manager with second line reporting to the Business Information Security Officer.
The Security Lead will:
- Assist the Compliance Manager with the development of control frameworks to meet ongoing Smart Metering and Smart Energy Code regulatory requirements.
- Assist in developing security and compliance strategies aimed at Smart Metering licence conditions and ISO27001 certification.
- Liaising with support partners to ensure on-going compliance with internal and external ISO27001 audits.
- Liaising with supply chain to ensure all security compliance requirements are understood and maintained.
- Delivery and reporting on the status of all cyber audit requirements, with a primary focus on Smart Metering.
Who you are
It’s not just the technical competencies that are important to be successful in this role, the way you carry it out and the behaviours you demonstrate are equally important.
This includes:
- A background implementing and managing security and regulatory frameworks certified 27001 Lead Auditor/Implementer
- Knowledge of Smart Energy Code, PCI DSS, and GDPR/DPA
- An understanding of IT infrastructure, architecture, and information security.
- Knowledge of security tools & technologies within a large & complex environment including vulnerability scanning, anti-malware / EDR, SIEM, DLP, etc.
- Background in security governance of a large organisation including security audits/assessments, reporting, and defining and implementing improvement roadmaps.
- Experience in any of the following is desirable: systems engineering, including infrastructure, networking, servers, end-point devices, storage, operating systems, and applications.
- The ability to obtain SC clearance is required for this role.
If this sounds like you then we’d love to hear from you!
Closing date for applications: 06/03/2024
Join us and together we can help Britain achieve Net Zero.