Cyber Security Associate

Job summary

SC is required for this role. Information and eligibility guidance can be found here: SC - Guidance Pack for Applicants - GOV.UK

Ofgem is working at the forefront of the fight to combat cyber threats to Britain’s critical energy infrastructure, strengthening the resilience of a system that millions rely on every day. We’re looking for Cyber Security Associates to join us to support and enhance cyber resilience across the energy sector.

Ofgem is Great Britain’s independent energy regulator. We’re at the forefront of change across the energy sector, driving toward Net Zero whilst protecting energy consumers, especially vulnerable people.

We’re offering three permanent opportunities to join a growing and forward-thinking Cyber Profession at a pivotal moment for the sector. This is an exciting entry point into a high-impact area, where you’ll contribute to protecting energy supply, data and systems that underpin daily life across the UK. You’ll be part of a mission-led team working across both regulatory and operational environments to strengthen security outcomes.

From day one, you’ll be immersed in a varied and fast-evolving environment, gaining exposure to both cybersecurity and operational technology within the Downstream Gas and Electricity sector. You’ll contribute to improving resilience across Ofgem and the wider energy system, supporting work that has a real-world impact on national infrastructure.

Working across multidisciplinary teams, you’ll collaborate with experts across cyber regulation, security, privacy and resilience, helping to shape how risks are understood and managed. With opportunities to engage across government, industry and internal teams, you’ll play a key part in influencing how the sector responds to emerging threats and challenges.

We’re looking for candidates with a strong interest in cybersecurity and a willingness to learn and adapt quickly in a fast-paced environment. You’ll bring good analytical and problem-solving skills, alongside the ability to communicate effectively and build strong working relationships.

In return, you’ll join a collaborative and inclusive environment with flexible working opportunities and the chance to rotate across different teams within the Cyber Profession. You’ll benefit from a wide range of training and development opportunities, exposure to diverse areas of cybersecurity, and the chance to be involved in impactful, ground-breaking work.

We have a critical purpose to protect cybersecurity across the energy sector. Join us in combating evolving threats while safeguarding critical national infrastructure and supporting a secure transition to Net Zero.

Read on and find out more.

Job description

Key Responsibilities, Outputs and Deliverables

Security, Privacy and Resilience

• Working with the Incident Response team in maintaining the data breach log and assessing incidents/breaches.
• Carry out open-source intelligence including collaborative working.
• Development of cyber incident playbooks, use cases, etc.
• Write, review, or contribute towards risks assessment in a digital service.
• Review and maintain Data Privacy Impact Assessments and other data protection collateral.
• Provide security risk advice, guidance, and support to the business.
• Assist with department security education and awareness.

Cyber Regulatory

• Collaborating and working with Cyber Advisors on the NIS Directive, its application across the DGE sector and engaging with Operators of Essential Service (OES).
• Visiting OES operational sites (e.g., generation site) with the Engagement or Assurance teams.
• Assessing RIIO (Revenue= Incentives + Innovation + Outputs) submissions from a cyber perspective.
• Collaborating with Cyber Security Architects on DGE cyber architecture guidance.
• Researching cyber related technologies.
• Collaborating and working with the Assurance team on cyber related inspections.
• Contribute to the development of cyber security programme and project plans, management of workflows and maintaining a programme risk log.

General

• Research and implement practises that promote a diverse workforce within Cyber.

Person specification

Essential Criteria

• A strong interest in security/cyber security, and/or an awareness of how critical national infrastructure is protected (Lead Criteria).
• Willing to be flexible, learn quickly, and deliver on a number of different projects, using good analytical and problem-solving skills (Lead Criteria).
• Able to communicate (in person, over video/phone, and written) effectively and build strong relationships within a team.
• These opportunities would suit individuals who have previous experience within fields such as cyber security, or similar such as within an IT environment or have completed or are completing further education or qualifications within a relevant field.

Behaviours

We'll assess you against these behaviours during the selection process:

• Communicating and Influencing
• Delivering at Pace
• Working Together

Benefits

Alongside your salary of £26,694, OFGEM contributes £7,733 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides.Ofgem can offer you a comprehensive and competitive benefits package which includes; 30 days annual leave after 2 years; Excellent training and development opportunities; The opportunity to join the generous Civil Service pension which also includes a valuable range of benefits; hybrid working (currently 1 day a week in the office but this is kept under review), flexible working hours and family friendly policies. Plus lots of other benefits including clean and bright offices based centrally, engaged networks and teams and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about.

Things you need to know

Artificial intelligence

Artificial intelligence can be a useful tool to support your application, however, all examples and statements provided must be truthful, factually accurate and taken directly from your own experience. Where plagiarism has been identified (presenting the ideas and experiences of others, or generated by artificial intelligence, as your own) applications may be withdrawn and internal candidates may be subject to disciplinary action. Please see our candidate guidance (opens in a new window) for more information on appropriate and inappropriate use.

Selection process details

This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours and Experience.

When you press the ‘Apply now’ button, you will be directed to a Civil Service test – guidance for this can be found here Civil Service online tests - GOV.UK (www.gov.uk). The test you are due to take is not timed and you can complete it at your own pace. Upon passing the test, you will be asked to complete personal details (not seen by the sift panel), your career history and qualifications.

You will then be asked to provide a 1250 word ‘personal statement’ evidencing how you meet the essential skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your supporting statement, how you meet each of the criteria listed in the role profile.

The personal information we have collected from you will be shared with Cifas who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. If any of these are detected, you could be refused certain services or employment. Your personal information will also be used to verify your identity. Further details of how your information will be used by us and Cifas, and your data protection rights, can be found by [https://www.cifas.org.uk/fpn].

Feedback will only be provided if you attend an interview or assessment.

Security

Successful candidates must undergo a criminal record check.Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window).

See our vetting charter (opens in a new window).People working with government assets must complete baseline personnel security standard (opens in new window) checks.

Nationality requirements

This job is broadly open to the following groups:

• UK nationals
• nationals of the Republic of Ireland
• nationals of Commonwealth countries who have the right to work in the UK
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window)
• nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS)
• individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service

Further information on nationality requirements (opens in a new window)

Working for the Civil Service

The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants.

We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window).The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria.The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy.

Diversity and Inclusion

The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see theCivil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window).

Apply and further information

This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative.The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window).Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records.

Contact point for applicants

Job contact :

• Name : Lewis Buckley
• Email : recruitment@ofgem.gov.uk

Recruitment team

• Email : recruitment@ofgem.gov.uk

Further information

Appointment to the Civil Service is governed by the Civil Service Commission’s Recruitment Principles. You have the right to complain if you feel there has been a breach of these Recruitment Principles.

In the first instance, you should raise the matter directly via recruitment@ofgem.gov.uk. If you are not satisfied with the response, you may bring your complaint to the Commission. For further information on bringing a complaint to the Civil Service Commission, please visit their website.

Attachments

Cyber Security Associate, Role Profile Opens in new window (pdf, 200kB)Cyber Security Associate, Candidate Pack Opens in new window (pdf, 866kB)Terms and Conditions Apr25 Opens in new window (pdf, 335kB)