Security Risk Analyst

Security Risk Analyst - Warwick (hybrid working)

National Grid Electricity Transmission (NGET) is at the heart of energy in the UK. The electricity we provide gets the nation to work, powers schools and brings energy to life. Our energy network connects the nation, so it is essential that it is continually evolving, advancing, and improving.

In NGET we are passionate about both operating our network safely and providing highly reliable quality of supply for our customers. At the heart of achieving these outcomes is the effective control and operation of our network.

As our Security Risk Analyst, you will take a lead in system level risk identification and management for ET's critical systems. You will also collaborate with cross-functional teams and implement risk management strategies tailored to the unique security challenges that NGET faces. Ensuring risks are understood by stakeholders, are documented and appropriate risk mitigation strategies are in place for our critical environments within the NGET.

This role will:

• Provide up to date risk capture for critical systems supporting OFGEM reporting requirements.


• Document and justify NIST CSF controls process maturity and coverage.


• Identify gaps and findings that form the foundations to improvement plans for our critical system environments.


What you will be doing


• Support the development of NGET security policies and specifications to reduce risk, improve organisational security maturity and support compliance with the external Regulations.


• Support the business to understand security risk requirements for NGETs critical systems through engagement with functional resources.


• Support the business to understand cyber & physical security risks through appropriate reporting and communication of current risks and vulnerabilities.


• Ensure NGET's security risks are documented, managed, and monitored using approved frameworks and reported via the appropriate governance forums.


• Ensure security risks are investigated and triaged in accordance with NGET's risk management frameworks.
  
  Experience in managing security risk within Operational Technology


• Experience in cyber or physical security risk assessment (Risk management, Strategy, Ops, etc.)


• Previous experience of working in an Operational environment, preferably in critical infrastructure


• Detailed understanding of how security risks can manifest within networks, devices, and systems.


• Technical understanding of the Industrial Automation & Control System assets, Networks and systems used within a Transmission environment would be desirable.
  
  A competitive salary of £50,000 - £60,000 - dependent on experience


• An annual bonus based on personal and company performance


• 26 days annual leave plus eight statutory days


• The option to buy additional or sell holiday days


• Generous contributory pension scheme - we will double-match your contribution to a


• maximum company contribution of 12% (overall 18%).


• Financial support to help cover the cost of professional membership subscriptions, course


• fees, books, exam fees and time off for study leave - so long as it's relevant to your role.


• Access to flexible benefits such as a share incentive plan, salary sacrifice car and


• technology schemes, support via employee assistance lines and matched charity giving to


• name a few.


• Family care benefits including a back-up care service for when your usual care arrangements fall through (six paid days each year as standard with the option to purchase further days).


• Access to apps that support health, fitness and wellbeing.