We need everyone's positive energy and innovative thinking to lead the energy transition to net zero. That's why we welcome applications from all backgrounds and experiences and have a range of flexible working options to suit everyone!
Security Governance Manager
**Here's what you'll be doing
npower Business Solutions (nBS) is the E.ON UK Industrial and Commercial (I&C) pillar and a market leader in the B2B energy retail sector. I&C is a £7 billion revenue business serving c20,000 customers and approximately 200,000 meter points with a view to becoming the number one B2B energy supplier in the UK.
We have an exciting opportunity for a Security Governance Manager to join our team. For this role, you will be responsible for the governance and assurance of the nBS IT security landscape and processes. You will be working in a complex multi-supplier environment to deliver a robust set of controls which manage the cyber security risks and information security requirements of nBS. This role offers the hybrid working approach, where you will be working in the office (Solihull) approximately 1-2 days per week.
Key responsibilities
- Liaise with multiple business & IT stakeholder groups to gather, obtain sign off for and inform E.ON UK ISO all input for quarterly risk reporting, ensuring mitigating actions are formally identified, documented and tracked.
- Organising and supporting any necessary development and testing of internal controls including internal and external and obtaining formal sign off in liaison with appropriate stakeholders.
- Liaising with auditors and arranging contact with appropriate internal or external contacts to enable necessary testing to be carried out.
- Supporting internal and external auditing and reporting on cyber security compliance within nBS, including Smart Metering.
- Supplier management security compliance - onboarding, audit and ongoing reviews.
- Support on cyber security and compliance initiatives across the nBS business.
- Operates as a contact point for IT legislation and compliance activities e.g. DSS, DPA, GDPR, ISA3402, SMART Energy Code (SEC).
- Performing threat and risk assessments to ISO27005 standards, producing consolidated risks, and assigning risk custodians to relevant suppliers.
**What we need from you
- Significant experience of engaging with business representatives and assisting in the translation of business requirements into security compliance.
- Experience of working with outsourced IT providers.
- Demonstrated subject matter expertise in at least two of the following: ISO27001, ISO22301, Data Protection Act / GDPR, Smart Energy Code.
- Experience in the development and delivery of security policies, controls and procedures.
- Demonstratable IT Security Management experience.
**Here's what you need to know
- Our market-leading benefits package includes 26 days holiday + bank holidays, a generous pension scheme, life cover, bonus and the chance to choose from 20 flexible benefits with tax and/or NI savings. In fact, our benefits package recently won the Personnel Today Reward, Recognition and Benefits Award 2022! As the only energy company to feature in The Inclusive Top 50 UK Employers (our current ranking is 8th) we've proven that we're committed to equal opportunities and actively promote a diverse and inclusive working environment, and fairness for everyone.
- We realise the best people bring their energy at different times, so we're happy to talk flexible working and offer a range of flexible working options, including full time, part time and job share.
- As a Disability Confident Employer we interview every disabled applicant who meet the minimum criteria for the role.
- We've exciting opportunities for everyone to develop their talent at E.ON. Our open access, inclusive talent networks provide networking, learning and development for all, building your skills, qualifications, and capabilities throughout your career.