Overview

We are hiring! We have an amazing opportunity for a Cyber and Information Security Risk Analyst who will be part of the Centrica Centre of Excellence for the management of Cyber and Information Security Risk. The team operates as the second line of defence, you will facilitate interactions between the Digital Technology Services team and the Centrica business Units as well are working collaboratively to ensure that Cyber and Information Security risk are identified and appropriately managed to protect Centrica’s customers and its data, services, and systems.

As part of this role, you will also assist the Cyber and Information Security Risk Manager in performing analytical work on Risk Posture and appetite to inform the Board of Directors of the current threats and landscape, an exciting and interesting role for a cyber security risk professional!

This role will analyse existing risk mitigation strategies, cyber controls and communicate with the Manager on the efficacy of these measures, suggesting ways and means for improving them.

Location: Windsor/Flexible

Package: Competitive base salary plus benefits including bonus, healthcare and pension options, as well as 25 days annual leave.

About the role -

• Implement the Information Security risk framework and ensures timely assessment and treatment of security risks
• Ensure Information Security risks are either treated or accepted in accordance with the risk appetite
• Ensure periodic Information Security risk assessments of key services, third parties and regulatory commitments are performed, and remediation plans are monitored
• Ensure services are assessed and classified based on their Confidentiality, Integrity and Availability
• Use the output of Information Security risk assess to identify control gaps and weakness and provide direction to strategy and change programs to improve control efficacy
• Work with the business units to understand their key Information Security risks and agree the actions to mitigate or monitored and improve their controls
• Produce the quarterly IT Risk submission to the business units and working with Group level risk functions on Information Security risk
• Inform senior leadership of risks and recommendations in non-technical terms, considering cost/benefit, to ensure security of Information Systems
• Understand the external security environment and emerging trends to support Information Security risk management

About you -

• Strong knowledge of Information Security technologies, such as identity and access management, encryption, and multi-factor authentication
• Knowledge of internal and/or external regulatory policies, standards, procedures, and controls (e.g., NIST, ISO27xx)
• Ability to understand business visions and strategy and anticipates the associated risks from an Information Technology and Security perspective and how to facilitate business objectives whilst quantifying and managing the Cyber Security risk exposure; being a trusted Information Security risk advisor to the business
• Modelling of threat scenarios to identify Cyber Security threats arising from new or changing systems and applications
• Facilitated workshops with senior stakeholders from diverse background to determine Cyber Security risks and assess their ratings
• Produced communication material and reporting suitable for CxO level and senior leadership
• Produced effective reporting for the CxO level and undertaken briefings with technology and business leaders

At Centrica we embrace diversity and actively seek to attract individuals with unique backgrounds and perspectives. To build a more sustainable future, we need the best team – a team with a diverse mix of people and skills, where everyone feels welcome and able to succeed. We are dedicated in helping to close the diversity gap and would love to see more females, people of colour and LGBTQ+ employees, as well as those from a variety of cultures and ethnicity to veterans and the differently abled. Supporting diversity and inclusion is a big part of who we are, we are not looking for people to fit into our culture but to add to it!

PLEASE APPLY ONLINE by hitting the 'Apply' button.

Applications will ONLY be accepted via the ‘Apply’ button.

This role is being handled by the Centrica recruitment team and NO agency contact is required.