Cyber Risk Manager

Gloucester Business Park, Gloucester or Atlantic Quay, Glasgow. Hybrid role, minimum of 3 days per week in an office. Flexible working arrangements to be discussed.

Are you experienced in identifying and assessing potential cyber risks within an organisation's infrastructure and operations? Are you familiar with current cybersecurity frameworks and best practices for mitigating cyber threats? Are you comfortable leading cross-functional teams in developing and implementing comprehensive cyber risk management strategies? Are you comfortable managing a range of stakeholders from board members to technical experts?

If so, we have an exciting opportunity for you to join us as our next Cyber Risk Manager at EDF!

The Opportunity…

We're looking for you to join our dynamic team as our next Cyber Risk Manager and take charge of developing, coordinating, and implementing risk management activities across our Nuclear licensees. You'll play a vital role in ensuring stakeholders, including executives and SIROs, have a clear and consistent understanding of cyber security risks. From maintaining the cyber risk register to coordinating risk mitigation efforts, you'll be at the forefront of safeguarding our organisation against cyber threats.

You'll also be responsible for providing accurate cyber reporting and metrics, driving essential discussions in risk management forums, and supporting the implementation of our Nuclear Cyber Security Strategy and the EDF Cyber target operating model.,

• Tracking and reporting on risk management activities and decisions across our vast nuclear estate, ensuring seamless coordination of cyber security risk management reporting and associated metrics.


• Providing management and oversight of risk licensee management policies, processes, and procedures to maintain a robust risk management framework.


• Convening and chairing the Nuclear Cyber Security Risk Forums, where you'll establish a common working-level view of cyber risk positions consistent with our Nuclear Cyber Security Strategy and the EDF cyber target operating model.


• Promoting risk management to enhance licensee understanding of their exposure and inform investment decisions through cyber security forums.


• Serving as the secretary, supporting the heads of Nuclear Security and Cyber Security & Information Assurance, and chairing relevant cyber security communities of practice to bolster the work of the Cyber Risk Forums.


• Supporting the running and attendance of SIRO's Oversight Boards, ensuring that licensee SIROs grasp their respective risk positions and can make informed decisions regarding risk treatment.


• Assisting in the analysis and presentation of cyber risks across our nuclear licensees, collaborating with key stakeholders such as the Head of CS&IA, licensee BISOs, and the EDF UK Office of the CISO.


• Managing external contractors and suppliers to ensure the successful delivery of our key accountabilities.


Who you are…

Along with being able to achieve our Security Clearance (SC) checks, to be suitable for this role, we're looking for you to


• A solid understanding of national and international standards and information security frameworks like ISO27000 and HMG Security Policy framework. Get ready to dive deep into the intricate world of cyber security regulations and best practices.


• Expertise in cyber security risk management frameworks and methodologies such as ISO27005, NIST CSF, and IRAM2. Your strategic approach to risk management will be critical in ensuring our systems remain secure and resilient.


• Practical experience in tackling complex cyber security threats, vulnerabilities, and risks. You'll be on the front lines, safeguarding our digital assets against the ever-evolving landscape of cyber threats.


• A knack for navigating the digital realm with ease. From mastering the latest software tools to staying abreast of emerging technologies, your computer literacy will be your greatest asset.


• Strong communication and interpersonal skills that go beyond technical jargon. You'll need to build trust and foster collaboration across teams, finding pragmatic solutions that balance business objectives with security requirements.


• Proven leadership abilities and stakeholder management skills. Get ready to inspire and influence others as you lead teams and collaborate with stakeholders to drive our cyber security initiatives forward.


A degree, or equivalent, in a relevant discipline would be advantageous however, not essential.

At EDF, everyone's welcome. We strive to create an inclusive and diverse environment where everyone has a voice and where you feel confident being yourself. We're committed to equality, diversity, and inclusion. We'd like our future workforce to have an equal gender balance, represent a broad mix of people from minority ethnic backgrounds, LGBTQ+, those with a disability and supporting social mobility.

We're a disability confident employer and we'll do all we can to help with your application, adjusting as you need. We'll value the difference you bring and offer opportunities for you to thrive and succeed., Join us and together we can help Britain achieve Net Zero.

#EDFNuclearServices #DestinationNuclear #EDFNuclearJobs

Alongside a competitive salary starting from £80,000 depending on experience, we're dedicated to offering flexible benefits that support our people across all aspects of their lives.

We offer a market-leading company pension scheme, paid holidays, and a range of flexible benefits, such as: a company incentive bonus plan, cycle to work scheme, discounts, and employee pricing.