Job Vacancy Cyber Assurance Advisor

Ofgem is dedicated to securing an affordable and environmentally sustainable energy supply for every UK household and business. Playing a vital role in the transition to Net Zero, our work positively impacts consumers and the environment, contributing to a carbon-neutral energy system. 

We're seeking an exceptional Cyber Assurance Advisor. This role will be accountable to the Head of CA Assurance. Its primary function is to oversee, assist, report, and provide guidance in adherence to the regulatory framework. The goal is to guarantee the resilience of operational systems and networks within the electricity and downstream gas sectors in Great Britain, owned and/or managed by operators of essential services, against cyber and related security threats. 

Working closely with the Cyber Regulation Team, Leadership Team, Enforcement Team and Legal Team, you will contribute to developing a cyber assurance framework, encompassing activities like inspection, exercises, and testing for energy sector cyber resilience. 

Your key responsibilities include assisting in scoping, conducting, and procuring cyber inspections, exercises, and testing trials. You will Interpret penetration test findings and engage with internal and external stakeholders for cyber security assurance in alignment with policies and regulations. 

You will contribute to reviewing and interpreting assurance reports, aiding in remediation action plan creation, utilise expertise to support external providers of penetration testing services, assist in assessing sector systemic risks for prioritised testing, support organisations in complying with regulations, policies, procedures, and guidelines for assurance activities, record outputs and decisions from assurance activities, including incidents for potential enforcement processes and mentor and support Cyber Associates. 

Ofgem provides highly adaptable working practices, facilitating a successful balance between work and life commitments. 

The organisation boasts a positive culture, characterised by an approachable and amiable senior leadership team dedicated to supporting employees in their roles. Ofgem actively fosters an inclusive environment that values, supports, and celebrates the diverse voices and experiences of its colleagues. 

Join Ofgem and contribute to shaping the future of energy regulation and sustainability. Apply now and be part of a dynamic team committed to making a positive impact

Key Responsibilities 

• Support the development of a framework for cyber assurance activity such as inspection, exercising and testing for the cyber resilience of the energy sector. 

• Support the scoping, conducting and procurement of cyber inspections, exercising, and testing trials for the new framework. 

• Engage with internal and external stakeholders to provide appropriate cyber security guidance or assurance in accordance with policy and regulations. 

• Contribute to the review and interpretation of assurance reports for inspections, exercising and testing,  and contribute to remediation action plan production. 

• Use your knowledge to support external providers of penetration testing services.  

• Support organisations and industry to better comply with regulation, policies, procedures and guidelines for assurance activities.  

• Record outputs and decisions from assurance activities and meetings, including any incidents, which may form part of an enforcements process. 

Key Outputs and Deliverables 

• Attend and engage on regular review meetings with 3rd parties. 

• Provide timely support and co-ordination of incidents and reporting. 

• Review and support on testing reports and post assurance activities such as remediation plans.  

Essential Criteria

• (Lead criteria) Qualification in cyber security, relevant degree, or equivalent professional experience. 

• (Lead criteria) Experience of the following criteria in cyber security that can be demonstrated by achievements in past positions: 

• Scoping, organising, interpreting results and reviewing remediation plans for cyber assurance activities. 

• Client-facing experience. 

• Excellent writing skills evidenced through report writing or similar. 

• Extensive experience working collaboratively with diverse colleagues.  

• Have experience in the process of developing and managing a range of options and decisions that aligns with your organisation's priorities. 

• Must be able to achieve and maintain SC clearance.