Help us use technology to make a big green dent in the universe! It's a really exciting time in energy. Help us make a real impact on shaping a better, more sustainable future. We are building a small and efficient Cyber and Information Security team at Octopus Energy Group. We are looking for ambitious, knowledgeable, and experienced InfoSec Analysts to join our team, to grow with the company, and ensure we continue to do so in a secure and safe way. You will be a key partner in defining what Security is at Octopus Energy Group. We will be shaping this team to provide a world class support service to our employees, building our way out of problems and undertaking transformational organisational change. You'll be primarily supporting our Octopus Energy Group services, while working with various Group Subsidiaries to expand our capabilities and develop creative solutions to business challenges and opportunities to continually improve our services. Specifically, we're looking for Information Security Analysts with at least 2 years of relevant experience to help us improve security across the Octopus Energy Group. If you're passionate about Information Security and driving a positive security culture, we encourage you to apply!
Responsibilities
* Maintaining and improving our Information Security Management System (ISMS) by taking a tech-first approach and using automation where possible
* Contributing to the development of our security assurance function
* Performing security risk assessments and maturity assessments for OE Group
* Promoting a positive security culture and raising awareness through training and other initiatives
* Supporting the implementation of security processes and requirements
* Providing security advice and guidance to the wider technical team
* Liaising with stakeholders in relation to security issues and providing remediation/improvement recommendations
* Supporting Octopus Energy Group's audit & compliance automation programs, enabling easy demonstration of compliance as we scale
* Working with the wider Security team to set the security strategy for Octopus Energy Group and its subsidiaries
* Keeping up to date with the latest security trends, and evaluating their potential impact on our systems, assisting the business to understand and manage associated risks
* Taking on other security-related projects and initiatives as needed, and collaborating with other teams to drive improvements in security across the organisation
Qualifications
* A passion for security, with a drive to improve through technology
* Experience in, or knowledge of, automating GRC and other security processes to reduce manual work (policy as code, low/no code tools, or GRC tooling)
* Strong analytical and problem-solving skills, with the ability to identify and mitigate security risks
* A good understanding of information security principles and the ability to communicate this to non-experts
* Experience producing or supporting the delivery of security awareness programs in different business environments
* Knowledge of industry and regulatory security standards, such as ISO 27001, SOC2, and GDPR
* Experience in at least some of the areas mentioned (we don’t expect expertise in all areas)
* The ability to challenge and expand thinking around GRC engineering
* Security certifications (any recognized abbreviations)
* Security qualifications (e.g., apprenticeships or degrees)
* Experience working in organisations that maintain ISO 27001 and/or SOC 1 and SOC 2 Type II certifications
* A broad understanding of technology, especially AWS (or other CSPs)
* A background in a technical role or relevant knowledge through education or training
Benefits and Process
* Salary is discussed with recruiters on a call to reflect experience and role fit
* Octopus Energy Group culture focused on autonomy, ownership, and meaningful project work
* Perks and rewards aligned with what matters to employees
* UK perks hub and access to employee benefits
* The recruitment process usually takes up to 4 weeks, with flexibility to accommodate candidates
For any questions or to start the conversation, email hiring@octoenergy.com. If this sounds like you, we would love to hear from you. We are an equal opportunity employer and do not discriminate on the basis of protected attributes. We are committed to providing equal opportunities, an inclusive work environment, and fairness for everyone.
#J-18808-Ljbffr