As Great Britain's regulator for the energy industry, Ofgem exists to ensure a safe, secure and sustainable energy supply to British households and businesses.
We are seeking a Cyber Regulation Lead with experience in cyber security and the energy sector to play a pivotal role in protecting energy consumers. You will operate within the Cyber Directorate and profession.
You will have significant experience in cyber security preferably relating to Critical National Infrastructure. As an experienced leader, you’ll have extensive knowledge of NIS regulations and NCSC’s Cyber Assessment Framework, hold fantastic communication and leadership skills and be able to achieve and maintain SC clearance. Ideal candidates will preferably possess qualifications, obtained through professional development or further education such as CISSP, CISA, or CISM.
These roles inhabit the same core responsibilities, but there are variations within the wider responsibilities attached to the roles.
Core Responsibilities:
- Leading activities across the Cyber Regulation Team.
- Working collaboratively with teams across the organisation to ensure the delivery of our responsibilities align with the Regulator’s Code.
- Proven record of leadership skills and ensure benefits for energy consumers' needs.
Within a Cyber Policy Role, you’ll develop Ofgem’s cyber security policies in collaboration with The Department for Energy Security and Net Zero, lead policy implementation, be at the forefront of scanning for future challenges and support sector research and innovation.
Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse voices and experiences of our colleagues. As an inclusive workplace, our employees are comfortable bringing their authentic selves to work.
Job description
We are excited to welcome a new team member into our Cyber Policy Team - someone passionate about shaping the future cyber security and resilience of Great Britain’s energy sector.
Ofgem is Great Britain’s independent energy regulator. Our primary responsibility is to protect energy consumers, especially the most vulnerable, while at the same time working with government, industry and consumer groups to deliver a clean, more affordable and secure net-zero energy system at the lowest cost to consumers, and drive economic growth.
The energy sector is rapidly transitioning. We must ensure the transition is secure. This is a great time to join a team making a tangible positive difference to the sector.
Joining as a member of the Cyber Policy Team with policy experience and a strong interest in cyber security, you will be part of a cross-government multi disciplinary team to support delivery of a national cyber strategy. You will work closely with the Department for Energy Security and Net Zero to understand the policy direction, learn Ofgem’s regulatory remit, understand and analyse evidence from different sources, and develop innovative regulatory solutions for Cyber regulation.
The Cyber Policy Team is part of Ofgem’s Cyber and Artifical Intelligence (AI) Directorate. As GB digitalises and transforms energy systems, our directorate ensures these systems are resilient to Cyber threats and that AI is used innovatively and safely.
You will be part of the Cyber Profession, or the Policy Profession, depending on your background.
Ofgem has a culture of inclusion that encourages, supports, and celebrates the diverse voices and experiences of our colleagues. It fuels our innovation and helps ensure we can best represent the consumers and the communities we serve. Everyone is welcome - as an inclusive workplace, our employees are comfortable bringing their authentic selves to work.
You will be joining an expert team that is collaborative, mission led and a leader in cyber regulation. We offer hybrid working, excellent pension and leave benefits, and the chance to contribute to one of the most important public policy missions of our time. You’ll also have the opportunity to develop your skills through our excellent Learning and Development offers.
Person specification
Key Responsibilities, Outputs and Deliverables
- Lead multiple regulatory policy projects to deliver improvements in the energy sector’s cyber resilience. This could include activities such as:
- working across policy teams internally, with government partners, NESO and industry to ensure a cyber-secure net zero transition,
- developing Ofgem cyber security policy, strategy and thinking, relating to increasingly important sub-sectors such as offshore hybrid assets, hydrogen, heat networks, etc.
- working with government partners to ensure that the Network and Information Systems (NIS) Regulations are effectively implemented, for example, analysis to support the identification and designation of organisations that should be regulated,
- co-ordinating the implementation of the new Cyber Security and Resilience Bill within Ofgem and leading on cross-cutting policy issues.
- Manage key stakeholder relationships, both internally and externally, and influence decision-making. Identify and develop new relationships with partners where required.
- Lead on a cross-cutting activity to support the benefit of the wider Directorate, e.g. supporting the Cyber profession or developing new tools and capabilities.
- Support Research and Innovation activities across the sector, e.g. building new relationships with energy cyber innovation projects.
Role Criteria
Essential
- Experience of working in policy (i.e. within government, or at scale in the private sector in an areas such as GRC), preferably relating to cyber/physical security, innovation, technology or a Critical National Infrastructure (CNI) sector such as energy. (LEAD)
- Experience, or a significant interest, in cyber security (LEAD)
- Experience of playing a leading role within the delivery of projects/activities that have required significant collaborative working with a wide range of internal and external partners.
- Leadership and/or people management experience.
- Evidence of using strong communication skills and emotional intelligence in delivering policy, or similar, work.
- Able to achieve and maintain SC clearance.
Desirable
- Experience of working for a regulator or in the energy sector.
- Knowledge of Network and Information Systems (NIS) Regulations and NCSC’s Cyber Assessment Framework (CAF).
.Behaviours
We'll assess you against these behaviours during the selection process:
- Seeing the Big Picture
- Changing and Improving
- Working Together
- Delivering at Pace
Technical skills
We'll assess you against these technical skills during the selection process:
- Please refer to the Candidate Pack and Role Profile attached for full details.
Apply before 11:55 pm on Monday 9th June 2025
