Job Description

Location: Gloucester Business Park / Atlantic Quay, Glasgow
Business Unit: Nuclear Services
Security Clearance: Security Check (SC)
Contract Type: 15-month Fixed Term Contract
Salary: From 75,000
About the Role
Are you ready to step into a role where your leadership shapes the assurance of cyber and information security controls across EDF's nuclear licensees? Do you want to take forward a programme already in motion, ensuring continuity, stability and strong delivery? At EDF, Success is Personal - and this secondment gives you the opportunity to expand your experience and influence across the nuclear cyber assurance landscape.
As Cyber Security Internal Assurance Manager you'll lead assurance of information and cyber security controls, providing confidence that mitigations are effective and aligned to the risk appetite of nuclear licensees. You will prepare and drive annual assurance strategies, working with BISOs, IT, the Cyber Security & Information Assurance team, the wider Nuclear Security team and INA to deliver a robust and risk-led programme.
You will be a safe pair of hands, quickly understanding the ongoing work and moving the existing strategy forward while ensuring high-quality delivery and continuity. Your role will involve managing internal staff and overseeing the external contracting team, guiding them to deliver against agreed assurance requirements and priorities.
Your Impact
Lead With Authority:
Acting with delegated authority from nuclear licensees, you will ensure that they - and their delivery partners - understand cyber risks and apply appropriate controls aligned to business objectives and regulatory expectations.
Drive Assurance Excellence:
You'll deliver assurance across the full Identify-Protect-Detect-Respond-Recover spectrum, ensuring nuclear licensees receive high-quality oversight of their Information Assurance and CS&IA regimes.
Influence Across the Business:
With strong stakeholder management experience, you will engage with senior leaders, technical specialists and partners across IT, cyber, supply chain and security. You'll be skilled at communicating with all levels of staff, bringing clarity, objectivity and sound judgement.
Advance Continuous Improvement:
Your experience with ISO27001 and related standards will help shape the continuous development of Information Security Management Systems (ISMS) aligned with ONR SyAPs and industry best practice.
What You'll Be Doing

• Working as part of a big, cross-functional team of nuclear professionals who are passionate about cyber security.
• Providing SME advice to nuclear licensees on cyber threat mitigations, working closely with risk and mitigation owners to guide their improvement activities
• Providing oversight of the implementation and effectiveness of cyber security controls across nuclear safety, sensitive information and operational continuity for the Nuclear Family.
• Leading the cyber security and information assurance Level 2 assurance programme, across HPC, SZC and Nuclear Operations, identifying gaps and driving remediation.
• Acting as point of contact for audits delivered by ONR, DESNZ, EDF Group, INA and Internal Audit.
• Providing inspections, audits, training and sharing best practice via relevant industry groups.
• Managing and coaching internal staff and the external contracting team.
• Coordinating assurance activity with the Level 1 cyber security assurance teams within HPC, SZC and Nuclear Operations, and the Nuclear Security Risk & Assurance Lead.
• Working closely with the Nuclear Services Cyber Risk Manager on risk mitigation planning.
• Providing advice to the Chief/Business Information Security Officers, and the Head of CS&IA, based on insights from the assurance programme.

Who You Are
We're looking for a Cyber Security Internal Assurance Manager who is influential, analytical and confident operating across complex stakeholder landscapes.
Are you experienced in...?

• Leading teams effectively, providing direction, coaching and performance management.
• Applying national and international standards and frameworks (e.g. ISO27001, ISO27000 series, NIST CSF, CAF, HMG SPF).
• Conducting security audits using recognised methodologies.
• Understanding cyber threats, vulnerabilities and associated risks.
• Communicating with influence, engaging with all levels of staff and senior stakeholders.
• Balancing business requirements with security imperatives.

Security Vetting
To be appointed to this role, you'll need to meet the criteria for Security Check (SC), normally requiring UK residency for the past five years.
Pay, Benefits and Culture
Alongside a competitive starting salary from 75,000, potential for an annual bonus and a market-leading pension scheme, your package will include customisable benefits such as EV leasing, discounted gym membership, tech vouchers, life assurance, experience days and more.
Everyone is welcome at EDF; we're committed to building a workforce that reflects gender balance, social mobility and inclusion of minority ethnic backgrounds, LGBTQ+ communities and those with disabilities. As a Disability Confident employer, we will support applicants requiring adjustments.
Join us and find your success at EDF!
Closing date for applications is 25th February, with interviews to follow on the 6th March.
#EDFNuclearServices #EDFcareers #SuccessIsPersonal #CyberSecurity #NuclearJobs
Additional Information
Success is Personal. It's your journey, powered by us. Join us and drive the transition towards an Electric Britain.

Skills Required