Originally named, Great British Nuclear, Great British Energy Nuclear is an arm’s length body of the Department for Energy Security and Net Zero, dedicated to supporting the development and deployment of new nuclear technologies in Great Britain. We play acrucial role in advancing nuclear new build, ensuring the UK’s energy security and achieving net-zero carbon emissions. Great British Energy – Nuclear focuses on fostering innovation, facilitating investment, and coordinating efforts across the nuclear industry to build a resilient and sustainable energy future.
Great British Energy – Nuclear’s first step was to start the technology selection process for Small Modular Reactors (SMRs) in 2023. SMRs can potentially be quicker to deploy and less expensive to build than traditional nuclear power plants because they are smaller, have factory-based modular manufacturing and more flexible deployment options. In June 2025, Great British Energy – Nuclear announced that Rolls-Royce SMR had been selected as the preferred bidder to build the UK’s first SMRs, following a technology selection process that began in 2023.
Great British Energy – Nuclear is aiming to deliver fast, based on a supportive and collaborative culture which values equality and diversity and creates an inclusive workplace. We draw on deep nuclear expertise – our Executive Committee has over 100 years of nuclear experience at home and abroad. GBE-N will unlock billions of pounds of private and public investment from design to operation, helping to get sites ready for development, and working to grow manufacturing capacity and skills capability.
Our activities will be driven by our values, which are:
Trust – We prioritise safety, we act responsibly and with integrity.
Collaboration – We work as a team; we value diversity and expertise.
Challenge – We are curious and courageous in the way we think and act.
Care – We are thoughtful, inclusive and respectful of others.
Drive – We get things done and we make a difference.
If you have a disability and would prefer to apply in a different format or would like us to make reasonable adjustments to enable you to apply or attend an interview, please contact us at recruitment@greatbritishnuclear.uk and we will talk to you about how we can assist.
Role Description
The IPT Safety, Licensing and Assurance Function is seeking a highly skilled and experienced Information Security Manager to lead the development and implementation of information security strategies for our SMR project. This role will focus on information in an IT realm, with a strong focus on information exchange across an international user community. The role holder will ensure compliance with nuclear industry standards and regulatory requirements.
You will be responsible for safeguarding critical national infrastructure, managing cyber risks, and ensuring the secure generation, transmission and storage of protected information throughout the lifecycle of the SMR power station.
Key Responsibilities
* Lead the development and implementation of information security strategies for the SMR project including an international user community
* Ensure compliance with relevant nuclear and cyber security standards, which could include:
* ISO/IEC 27001 (Information Security Management)
* UK NIS 18 regulations
* NCSC guidance
* NIST SP 800 Series
* Codes and Standards for the Cyber Security of AI (2025 ) - DSIT
* ONR Security Assessment Principles (SyAPs)
* Develop and maintain the Information Assurance Framework for the SMR project.
* Collaborate with engineering, IT, and regulatory teams to integrate information security into system design and delivery.
* Conduct risk assessments, threat modelling, and vulnerability analysis for IT environments.
* Oversee incident response planning and cyber resilience testing.
* Manage relationships with external vendors, regulators, and stakeholders.
* Provide leadership and mentoring to information security personnel within the SLA division.
* Work in collaboration with the Operational Technology (OT) Cyber Security Manager to support the delivery of an effective cyber security approach that considers convergence across IT and OT realms
Key Responsibilities:
Key Stakeholder Management
* Provide expert advice to the project on all matter concerning Information Security and Assurance.
* Manage and oversee the internal relationships with security stakeholders.
* Leading external information security relationships, to include NCSC and ONR
* Maintain a register and tracking system for all Key Subcontracts (Information Exchange Partnerships
* Facilitate and lead meetings relating to those elements of Design important to Information Security and Assurance.
Policy and Process
* The creation and maintenance of the policy and associated process required to enable risk-informed decision making concerning the protection of information
* Ownership of forward work plans, that considers the capability and capacity required to meet the demands of the project.
Innovation for Information Security:
* Drive innovation for information security, to consider modern technologies and/or approaches.
* Drive economic efficiency and value for money for the taxpayer through robust oversight of all elements of information security and assurance of the Project and its supply chain, throughout the nuclear lifecycle.
Reporting & Performance Management:
* Manage, review, and analysis of information security events and incidents across all elements of the project, to identify trends, risks, and areas for improvement.
* Development of supplier enablement material (training, awareness)
* Development of OPI’s and the assessment of performance
* Approval of Corrective Action Plans, where deficiency is acknowledged.
* Facilitate and lead review meetings related to Learning from Experience (LfE), for information security related topics.
Required Qualifications and Experience
* Proven experience in information security management within critical infrastructure or nuclear environments.
* Strong expertise in Information Technology (IT) and cloud-based technologies.
* In-depth knowledge of relevant codes, standards, regulatory frameworks, and the UK Government Security Classification scheme
* Experience with Information Security Management Systems (ISMS) requirements, implementation, and lifecycle management.
* Excellent stakeholder engagement and communication skills.
* Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are highly desirable.
Desirable Attributes
* Experience in nuclear licensing and regulatory engagement.
* Familiarity with SMR technologies and digital twin environments.
* Ability to work in a high-assurance, safety-critical context.
* Strategic thinker with a proactive approach to emerging threats and technologies.
* Degree in Cyber Security, Information Assurance, Engineering, or a related field.
* The role holder will be expected to recruit and lead a team expected to be in the region of 1-3 FTE.