Details
Reference number
Salary
Civil Service Pension with an average employer contribution of 27%
Job grade
Contract type
Business area
Type of role
Security
Working pattern
Number of jobs available
Location
About the job
Job summary
Ofgem is dedicated to securing an affordable and environmentally sustainable energy supply for every UK household and business. Playing a vital role in the transition to Net Zero, our work positively impacts consumers and the environment, contributing to a carbon-neutral energy system.
We’re seeking an exceptional Cyber Assurance Advisor. This role will be accountable to the Head of CA Assurance. Its primary function is to oversee, assist, report, and provide guidance in adherence to the regulatory framework. The goal is to guarantee the resilience of operational systems and networks within the electricity and downstream gas sectors in Great Britain, owned and/or managed by operators of essential services, against cyber and related security threats.
Working closely with the Cyber Regulation Team, Leadership Team, Enforcement Team and Legal Team, you will contribute to developing a cyber assurance framework, encompassing activities like inspection, exercises, and testing for energy sector cyber resilience.
Your key responsibilities include assisting in scoping, conducting, and procuring cyber inspections, exercises, and testing trials. You will interpret penetration test findings and engage with internal and external stakeholders for cybersecurity assurance in alignment with policies and regulations.
You will contribute to reviewing and interpreting assurance reports and aid in creating remediation action plans; use your expertise to support external providers of penetration testing services; assist in assessing sector systemic risks for prioritised testing; support organisations in complying with regulations, policies, procedures, and guidelines for assurance activities; record outputs and decisions from assurance activities, including incidents for potential enforcement processes; and mentor and support Cyber Associates.
Ofgem provides highly adaptable working practices, facilitating a successful balance between work and life commitments. The organisation boasts a positive culture, characterised by an approachable and amiable senior leadership team dedicated to supporting employees in their roles. Ofgem actively fosters an inclusive environment that values, supports, and celebrates the diverse voices and experiences of its colleagues.
Join Ofgem and contribute to shaping the future of energy regulation and sustainability. Apply now and be part of a dynamic team committed to making a positive impact.
Job description
Ofgem is committed to making a positive difference for energy consumers through effective regulation of the market and close working with suppliers to ensure sustainable energy for consumers and businesses in the UK.
It is vital that operational systems and networks in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats.
This role will be within the Cyber Professions Cyber Regulation Team at Ofgem, which acts as Competent Authority (CA) for implementing regulations for Operators of Essential Services (OES), to improve security and resilience in the Downstream Gas and Electricity sector.
The role will report to the Head of CA Assurance. The key purpose of the role is to monitor, support, report and instruct against the regulatory framework to ensure operational systems and networks owned and/or managed by Operators of Essential Services in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats.
Key Responsibilities
- Support the development of a framework for cyber assurance activity such as inspection, exercising and testing for the cyber resilience of the energy sector.
- Support the scoping, conducting and procurement of cyber inspections, exercising, and testing trials for the new framework.
- Interpret penetration test findings.
- Engage with internal and external stakeholders to provide appropriate cyber security assurance in accordance with policy and regulations.
- Contribute to the review and interpretation of assurance reports for inspections, exercising and testing, and contribute to remediation action plan production.
- Use your knowledge to support external providers of penetration testing services.
- Provide support in assessing sector systemic risks that require prioritising for testing.
- Support organisations and industry to better comply with regulation, policies, procedures and guidelines for assurance activities.
- Record outputs and decisions from assurance activities and meetings, including any incidents, which may form part of an enforcement process.
- Mentor and support Cyber Associates.
Key Outputs and Deliverables
- Documentation on assurance activities such as testing and exercising for the energy sector.
- Lessons learned from assurance trials.
- Attend and engage in regular review meetings with third parties.
- Provide timely support and co-ordination of incidents and reporting.
- Review and support testing reports and post-assurance activities such as remediation plans.
Person specification
- (LEAD) Qualification in cyber security, evidenced through an appropriate professional qualification such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, GICSP, ISA/IEC 62443 Cybersecurity Expert, relevant degree, or equivalent experience.
- (LEAD) Experience of the following criteria that can be demonstrated by achievements in past positions:
- Scoping, organising, interpreting results and reviewing remediation plans for cyber security testing activities.
- Client-facing experience with negotiation, advising and coaching skills across cyber security best practices.
- Excellent writing skills evidenced through report writing or similar.
- Experience of indirect or direct line management such as coaching and mentoring junior colleagues.
Must be able to achieve and maintain SC clearance.
Behaviours
We’ll assess you against these behaviours during the selection process:
Technical skills
We’ll assess you against these technical skills during the selection process:
- Please see Candidate Pack for details.
Benefits
£8,356 towards you being a member of the Civil Service Defined Benefit Pension scheme.
Find out what benefits a Civil Service Pension provides.
Things you need to know
Selection process details
When you press the Apply now button, you will be asked to complete personal details (not seen by the sift panel), your career history and qualifications.
You will then be asked to provide a 1250-word personal statement evidencing how you meet the essential and desirable skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your personal statement, how you meet each of the essential and desirable skills and capabilities.
Feedback will only be provided if you attend an interview or assessment.
Security
Nationality requirements
Working for the Civil Service
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles.
Apply and further information
You may want to save a copy for your records.
Contact point for applicants
Job contact:
- Name: Jen Hughes/Ofgem Resourcing Team
- Email: recruitment@ofgem.gov.uk
Recruitment team
- Email: recruitment@ofgem.gov.uk