Cyber Assurance Advisor



Details

Reference number

331195

Salary

£30,950 – £46,157
London £33,400-£46,157; National £30,950-£43,649. Please ensure that you read the Pay and Reward information for civil service and internal colleagues before applying.
A Civil Service Pension with an average employer contribution of 27%

Job grade

Higher Executive Officer
Level 2a

Contract type

Permanent

Business area

Cyber

Type of role

Knowledge and Information Management
Security

Working pattern

Flexible working, Full-time

Number of jobs available

1

Contents

National

Job summary

Ofgem is dedicated to securing an affordable and environmentally sustainable energy supply for every UK household and business. Playing a vital role in the transition to Net Zero, our work positively impacts consumers and the environment, contributing to a carbon-neutral energy system.

We’re seeking an exceptional Cyber Assurance Advisor. This role will be accountable to the Head of CA Assurance. Its primary function is to oversee, assist, report, and provide guidance in adherence to the regulatory framework. The goal is to guarantee the resilience of operational systems and networks within the electricity and downstream gas sectors in Great Britain, owned and/or managed by operators of essential services, against cyber and related security threats.

Working closely with the Cyber Regulation Team, Leadership Team, Enforcement Team and Legal Team, you will contribute to developing a cyber assurance framework, encompassing activities like inspection, exercises, and testing for energy sector cyber resilience.

Your key responsibilities include assisting in scoping, conducting, and procuring cyber inspections, exercises, and testing trials. You will interpret penetration test findings and engage with internal and external stakeholders for cybersecurity assurance in alignment with policies and regulations.

You will contribute to reviewing and interpreting assurance reports and to creating remediation action plans; use your expertise to support external providers of penetration testing services; assist in assessing sector systemic risks for prioritised testing; support organisations in complying with regulations, policies, procedures, and guidelines for assurance activities; record outputs and decisions from assurance activities, including incidents for potential enforcement processes; and mentor and support Cyber Associates.

Ofgem provides highly adaptable working practices, facilitating a successful balance between work and life commitments. The organisation boasts a positive culture, characterised by an approachable and amiable senior leadership team dedicated to supporting employees in their roles. Ofgem actively fosters an inclusive environment that values, supports, and celebrates the diverse voices and experiences of its colleagues.

Join Ofgem and contribute to shaping the future of energy regulation and sustainability. Apply now and be part of a dynamic team committed to making a positive impact.

Job description

Ofgem is committed to making a positive difference for energy consumers through effective regulation of the market and close working with suppliers to ensure sustainable energy for consumers and businesses in the UK.

It is vital that operational systems and networks in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats.

This role will be within the Cyber Profession’s Cyber Regulation Team at Ofgem, who act as Competent Authority (CA) for implementing regulations for Operators of Essential Services (OES), to improve security and resilience in the Downstream Gas and Electricity sector.

The role will report to the Head of CA Assurance. The key purpose of the role is to monitor, support, report and instruct against the regulatory framework to ensure that operational systems and networks owned and/or managed by Operators of Essential Services in the electricity and downstream gas sectors in Great Britain remain resilient against cyber and related security threats.

Key Responsibilities

  • Support the development of a framework for cyber assurance activity such as inspection, exercising and testing for the cyber resilience of the energy sector.
  • Support the scoping, conducting and procurement of cyber inspections, exercising, and testing trials for the new framework.
  • Interpret penetration test findings.
  • Engage with internal and external stakeholders to provide appropriate cyber security assurance in accordance with policy and regulations.
  • Contribute to the review and interpretation of assurance reports for inspections, exercising and testing, and contribute to remediation action plan production.
  • Use your knowledge to support external providers of penetration testing services.
  • Provide support in assessing sector systemic risks that require prioritising for testing.
  • Support organisations and industry to better comply with regulation, policies, procedures and guidelines for assurance activities.
  • Record outputs and decisions from assurance activities and meetings, including any incidents, which may form part of an enforcement process.
  • Mentor and support Cyber Associates.

 

Key Outputs and Deliverables

  • Documentation on assurance activities such as testing and exercising for the energy sector.
  • Lessons learned from assurance trials.
  • Attend and engage in regular review meetings with third parties.
  • Provide timely support and co-ordination of incidents and reporting.
  • Review and support testing reports and post-assurance activities such as remediation plans.

Person specification

  • (LEAD) Qualification in cyber security, evidenced through an appropriate professional qualification such as CISSP, CISA, CISM, ISO 27001 Lead Auditor, GICSP, ISA/IEC 62443 Cybersecurity Expert, relevant degree, or equivalent experience.
  • (LEAD) Experience of the following criteria that can be demonstrated by achievements in past positions:
    • Scoping, organising, interpreting results and reviewing remediation plans for cyber security testing activities.
    • Client-facing experience with negotiation, advising and coaching skills across cyber security best practices.
    • Excellent writing skills evidenced through report writing or similar.
  • Experience of indirect or direct line management such as coaching and mentoring junior colleagues.

Must be able to achieve and maintain SC clearance.

Behaviours

We’ll assess you against these behaviours during the selection process:

Technical skills

We’ll assess you against these technical skills during the selection process:

  • Please see Candidate Pack for details.

Alongside your salary of £30,950, OFGEM contributes £8,356 towards you being a member of the Civil Service Defined Benefit Pension scheme.

Find out what benefits a Civil Service Pension provides.
Ofgem can offer you a comprehensive and competitive benefits package which includes: 30 days annual leave after 2 years; excellent training and development opportunities; the opportunity to join the generous Civil Service pension, which also includes a valuable range of benefits; hybrid working (currently 1 day a week in the office, but this is in review), flexible working hours and family friendly policies. Plus lots of other benefits, including clean and bright offices based centrally, engaged networks and teams, and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.

Selection process details

This vacancy is using Success Profiles, and will assess your Behaviours, Experience and Technical skills.

When you press the ‘Apply now’ button, you will be asked to complete personal details (not seen by the sift panel), your career history and qualifications.

You will then be asked to provide a 1250 word ‘personal statement’ evidencing how you meet the essential and desirable skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your personal statement, how you meet each of the essential and desirable skills and capabilities.

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. See our vetting charter.
People working with government assets must complete baseline personnel security standard checks.

Nationality requirements

This job is broadly open to the following groups:

  • UK nationals
  • nationals of the Republic of Ireland
  • nationals of Commonwealth countries who have the right to work in the UK
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
  • individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
  • Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements

Working for the Civil Service

The Civil Service Code sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission’s recruitment principles.

The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.
This vacancy is part of the Great Place to Work for Veterans initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment.
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact:

  • Name: Jen Hughes/Ofgem Resourcing Team
  • Email: recruitment@ofgem.gov.uk

Recruitment team

  • Email: recruitment@ofgem.gov.uk
