Cyber Assurance Advisor

Ofgem

£48561

Ofgem, City of Westminster

  • Full time
  • Permanent
  • Remote working

Posted 6 days ago, 14 Sep

Closing date: not specified

Job ref: ad1af038659d4ef99c71b35092b78ea6

Full Job Description

We're seeking an exceptional Cyber Assurance Advisor. This role will be accountable to the Head of CA Assurance. Its primary function is to oversee, assist, report, and provide guidance in adherence to the regulatory framework. The goal is to guarantee the resilience of operational systems and networks within the electricity and downstream gas sectors in Great Britain, owned and/or managed by operators of essential services, against cyber and related security threats.
Working closely with the Cyber Regulation Team, Leadership Team, Enforcement Team and Legal Team, you will contribute to developing a cyber assurance framework, encompassing activities like inspection, exercises, and testing for energy sector cyber resilience.
Your key responsibilities include assisting in scoping, conducting, and procuring cyber inspections, exercises, and testing trials. You will interpret penetration test findings and engage with internal and external stakeholders for cyber security assurance in alignment with policies and regulations.
You will contribute to reviewing and interpreting assurance reports and aid in creating remediation action plans; use your expertise to support external providers of penetration testing services; assist in assessing sector systemic risks for prioritised testing; support organisations in complying with regulations, policies, procedures, and guidelines for assurance activities; record outputs and decisions from assurance activities, including incidents for potential enforcement processes; and mentor and support Cyber Associates.
Ofgem provides highly adaptable working practices, facilitating a successful balance between work and life commitments.
The organisation boasts a positive culture, characterised by an approachable and amiable senior leadership team dedicated to supporting employees in their roles. Ofgem actively fosters an inclusive environment that values, supports, and celebrates the diverse voices and experiences of its colleagues.
Join Ofgem and contribute to shaping the future of energy regulation and sustainability. Apply now and be part of a dynamic team committed to making a positive impact.
+ Support the development of a framework for cyber assurance activity such as inspection, exercising and testing for the cyber resilience of the energy sector.
+ Support the scoping, conducting and procurement of cyber inspections, exercising, and testing trials for the new framework.
+ Engage with internal and external stakeholders to provide appropriate cyber security guidance or assurance in accordance with policy and regulations.
+ Contribute to the review and interpretation of assurance reports for inspections, exercising and testing, and contribute to remediation action plan production.
+ Use your knowledge to support external providers of penetration testing services.
+ Support organisations and industry to better comply with regulation, policies, procedures and guidelines for assurance activities.
+ Record outputs and decisions from assurance activities and meetings, including any incidents, which may form part of an enforcement process.
Key Outputs and Deliverables
+ Attend and engage in regular review meetings with 3rd parties.
+ Provide timely support and co-ordination of incidents and reporting.
+ Review and support on testing reports and post-assurance activities such as remediation plans.
You will then be asked to provide a 1250-word ‘personal statement’ evidencing how you meet the essential and desirable skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your supporting statement, how you meet each of the essential and desirable skills and capabilities.
The Civil Service values honesty and integrity and expects all candidates to abide by these principles. Ofgem take any incidences of cheating very seriously. Please ensure all examples provided are of your own experience. Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant applications will be withdrawn from the process.
Feedback will only be provided if you attend an interview or assessment.

Security
Successful candidates must undergo a criminal record check.
Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check. See our vetting charter.
People working with government assets must complete baseline personnel security standard checks.

Nationality requirements
This job is broadly open to the following groups:
+ UK nationals
+ nationals of the Republic of Ireland
+ nationals of Commonwealth countries who have the right to work in the UK
+ nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS)
+ nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
+ individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
+ Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service
Further information on nationality requirements

Working for the Civil Service
The Civil Service Code sets out the standards of behaviour expected of civil servants.
We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles.
The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.
The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion
The Civil Service is committed to attracting, retaining and investing in talent wherever it is found. To learn more please see the Civil Service People Plan and the Civil Service Diversity and Inclusion Strategy.

Apply and further information
This vacancy is part of the Great Place to Work for Veterans initiative.
The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment.
Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

+ (Lead criteria) Qualification in cyber security, relevant degree, or equivalent professional experience.
+ (Lead criteria) Experience of the following criteria in cyber security that can be demonstrated by achievements in past positions:
+ Scoping, organising, interpreting results and reviewing remediation plans for cyber assurance activities.
+ Client-facing experience.
+ Excellent writing skills evidenced through report writing or similar.
+ Extensive experience working collaboratively with diverse colleagues.
+ Have experience in the process of developing and managing a range of options and decisions that aligns with your organisation’s priorities.
+ Must be able to achieve and maintain SC clearance.
Desirable Criteria
+ Experience of inspecting, auditing, or testing within an information security role.
+ Experience of security assurance in the energy or CNI (Critical National Infrastructure) industry and experience in utilising the IEC 62443 series, NIS Regulations and NCSC CAF.
+ Communicating and Influencing
+ Working Together
+ Changing and Improving

Technical skills
We'll assess you against these technical skills during the selection process:
+ Please refer to the Candidate Pack and Role Profile attached for full details.

Ofgem is dedicated to securing an affordable and environmentally sustainable energy supply for every UK household and business. Playing a vital role in the transition to Net Zero, our work positively impacts consumers and the environment, contributing to a carbon-neutral energy system.

Alongside your salary of £32,498, Ofgem contributes £9,414 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.
Ofgem can offer you a comprehensive and competitive benefits package which includes: 30 days' annual leave after 2 years; excellent training and development opportunities; the opportunity to join the generous Civil Service pension, which also includes a valuable range of benefits; and hybrid working (currently 1 day a week in the office, but this is in review), flexible working hours and family-friendly policies. There are also lots of other benefits, including clean and bright offices based centrally, engaged networks and teams, and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.