Information Technology (IT) Cyber Auditor

Base Location: Havant, Reading, Perth, Glasgow, Perth, Aberdeen, Inverness and Dublin

Salary: £50,100 - £75,100 + performance-related bonus + a range of benefits to support your finances, wellbeing and family.

Working Pattern: Permanent | Full Time | Flexible First options available

The role

Technology Risk & Analytics provide assurance over the Group’s highest priority technology, digital and cyber risks to the Group Executive Committee, the Audit Committee and the Board. This IT Cyber Auditor role will be focussed on supporting the business units and Group technology function in assuring the Group's cyber security position across IT. This is a unique opportunity to engage with multiple business units and provide valuable insights to strengthen our cyber security maturity, as well as see the Group Strategy in action across the breadth of the business.  

The Technology Risk & Analytics team form part of the wider Group Risk & Audit function led by the Director of Group Risk & Audit. Our team work closely in partnership with the Group Audit team, where we perform an essential role in support of SSE’s strategic aims in providing assurance and advice. An inclusive and transparent culture in the function is encouraged from leadership to better support members of the team with progressing their careers whilst prioritising work life balance. 

This is a hybrid role with limited travel to sites and offices (equating to approximately 4 to 5 days a month). The role allows flexible working hours and flexible working locations. Applicants wishing to work part-time will also be considered.

You will

• Understand the business and impact of IT cyber risk - Through building trusted relationships with the business, IT, and Cyber Risk teams, develop a close understanding of the business, the technology that supports key processes, and impact of strategic change on the IT cyber risk profile. 
• Balancing robust and pragmatic cyber assurance and advice - Using the understanding gained from relationships across the Group, support the scoping, delivery, and reporting of assurance via audit. Provide practical risk and assurance advice that recognises business risk and impact, as well as the level of current cyber security maturity.
• Prepare reports, communicate results and agree action - As part of delivering cyber audits, this role will regularly report to management at all levels. Prepare draft reports for review and discussion with management, agree achievable and proportionate actions for all relevant Management Disclosures and Findings ensuring clear responsibility and due dates are set.
• Ensure actions are completed - Undertake follow-on activities to ensure agreed audit actions are completed in-line with the audit reports and that any changes are clearly documented.

You have

• Passionate interest in cyber security / IT and business impacts in the energy sector 
• Robust understanding of risk-based assurance processes and cyber security frameworks, controls, and standards across different types of technology (e.g. Cloud, AI, database, network, operating system)
• Demonstrable operational or auditing experience in at least three of the following security disciplines:
  • Identity & Access Management
  • Privileged Access Management
  • SIEM/Security Operations
  • Firewalls/IDS/IPS
  • Threat & Vulnerability Management
  • Zero Trust Networks
  • Endpoint Protection
  • Incident Response
  • Supplier Assurance
  • Web Proxy/CASB
• Strong communication, organisational, and influencing skills to engage with stakeholders and deliver audits effectively and in a timely manner
• Ability to operate objectively and demonstrate professionalism & integrity throughout the audit lifecycle

About SSE

SSE has a bold ambition – to be a leading energy company in a net zero world. We're investing around £10 million a day in homegrown energy to help power a cleaner, more secure future. Our investment will see us build the world's largest offshore wind farm and transform the grid to deliver greener electricity to millions.

Our Group Risk & Audit teams support SSE in meeting all risk management responsibilities, including UK Corporate Governance Code obligations. They undertake assurance reviews to help identify and mitigate against any risks that could impact our performance, integrity, solvency or liquidity.

Flexible benefits to fit your life

Enjoy discounts on private healthcare and gym memberships. Wellbeing benefits like a free online GP and 24/7 counselling service. Interest-free loans on tech and transport season tickets, or a new bike with our Cycle to Work scheme. As well as generous family entitlements such as maternity and adoption pay, and paternity leave.

Work with an equal opportunity employer

SSE will make any reasonable adjustments you need to ensure that your application and experience with us is positive. Please contact Francesca.Palmer@sse.com / 01738 344763 to discuss how we can support you.

We're dedicated to fostering an open and inclusive workplace where people from all backgrounds can thrive. We create equal opportunities for everyone to succeed and especially welcome applications from those who may not be well represented in our workforce or industry.

Ready to apply?

Start your online application using the Apply Now box on this page. We only accept applications made online. We'll be in touch after the closing date to let you know if we'll be taking your application further. If you're offered a role with SSE, you'll need to complete a criminality check and a credit check before you start work.

#LI-FT1

#LI-Hybrid