Key Responsibilities Lead and collaborate across a designated portfolio of Operators of Essential Services (OES). Manage and support assurance and engagement activities within the OES portfolio, ensuring alignment with regulatory expectations. Contribute to NIS inspections, including evidence reviews, onsite assessments, and the production of high-quality inspection reports. Review and assess OES compliance documentation, such as assurance reports (audit, exercising, testing), remediation plans, and incident reports. Document inspection outcomes and assurance decisions accurately and consistently. Escalate compliance concerns to relevant boards and collaborate with Enforcement teams to apply regulatory tools and drive improvements. Respond to regulatory matters, including Freedom of Information (FOI) requests, whistle-blower cases, incident reports, and investigations. Develop and maintain organisational policies, products, and methodologies to support continuous improvement and regulatory effectiveness. Produce high-quality management reports to inform decision-making and oversight. Maintain accurate and secure records in line with organisational standards. Mentor and support Cyber Associates, fostering professional development and capability growth. Person specification Essential Criteria [LEAD] Experience in cyber and/or engineering assurance and response activities, demonstrated through: - Reviewing, analysing, and interpreting cyber security evidence, remediation plans, and regulatory submissions (e.g. audits, exercising, technical testing, inspections, compliance and enforcement activities). - Leading on or contributing to investigations and incident responses, particularly within a regulatory context. - Applying regulatory tools to drive compliance and continuous improvement. - Producing high-quality written outputs, including formal reports and recommendations. [LEAD] Relevant professional qualification in cyber security, such as: - CISSP, CISA, CISM, ISO 27001 Lead Auditor, GICSP, ISA/IEC 62443 Cybersecurity Expert, or a related degree. - Or equivalent experience in a cyber regulatory environment. Good understanding of the NIS Regulations and the NCSC Cyber Assessment Framework (CAF), with practical experience applying these in either policy, process, assurance, inspection and/or enforcement activities. Experience of working collaboratively across multidisciplinary teams and with a wide range of stakeholders. Good stakeholder management skills with the ability to build and maintain effective working relationships. Demonstrated ability to develop and manage options and decisions that align with organisational priorities and strategic objectives. Desirable Criteria Experience of inspecting, auditing, exercising or technical testing within a security role. Experience of security assurance in the energy or CNI (Critical National Infrastructure) industry. Behaviours We'll assess you against these behaviours during the selection process: Making Effective Decisions Communicating and Influencing Working Together Benefits Alongside your salary of 47,895, OFGEM contributes 13,875 towards you being a member of the Civil Service Defined Benefit Pension scheme. Find out what benefits a Civil Service Pension provides. Ofgem can offer you a comprehensive and competitive benefits package which includes; 30 days annual leave after 2 years; Excellent training and development opportunities; The opportunity to join the generous Civil Service pension which also includes a valuable range of benefits; hybrid working (currently 1 day a week in the office but this is kept under review), flexible working hours and family friendly policies. Plus lots of other benefits including clean and bright offices based centrally, engaged networks and teams and an opportunity to contribute to our ambitious and important targets of establishing a Net Zero energy system by 2050. This exciting blend of professional challenge and personal reward identifies career opportunities at Ofgem as something to get excited about. Things you need to know Selection process details This vacancy is using Success Profiles (opens in a new window), and will assess your Behaviours and Experience. When you press the Apply now button, you will be asked to complete personal details (not seen by the sift panel), your career history and qualifications. You will then be asked to provide a 1250 word personal statement evidencing how you meet the essential and desirable skills and capabilities listed in the role profile. Please ensure you demonstrate clearly, within your supporting statement, how you meet each of the criteria listed in the role profile. The Civil Service values honesty and integrity and expects all candidates to abide by these principles. You must ensure that any evidence submitted as part of your application or used during interview, including your CV and any statements or examples, are truthful and factually accurate. Ofgem takes any incidences of cheating very seriously. Please ensure all examples provided are of your own experience. Any instances of plagiarism or other forms of cheating will be investigated and, if proven, the relevant applications will be withdrawn from the process. Please note that plagiarism can include presenting the ideas and experiences of others, or generated by artificial intelligence, as your own. Please refer to Civil Service candidate advice on the acceptable use of artificial intelligence within the recruitment and selection process - Artificial intelligence and recruitment, Civil Service Careers The personal information we have collected from you will be shared with Cifas who will use it to prevent fraud, other unlawful or dishonest conduct, malpractice, and other seriously improper conduct. If any of these are detected, you could be refused certain services or employment. Your personal information will also be used to verify your identity. Further details of how your information will be used by us and Cifas, and your data protection rights, can be found by [ https://www.cifas.org.uk/fpn ]. SC is required for this role. Information and eligibility guidance can be found here: SC - Guidance Pack for Applicants - GOV.UK Feedback will only be provided if you attend an interview or assessment. Security Successful candidates must undergo a criminal record check. Successful candidates must meet the security requirements before they can be appointed. The level of security needed is security check (opens in a new window). See our vetting charter (opens in a new window). People working with government assets must complete baseline personnel security standard (opens in new window) checks. Nationality requirements This job is broadly open to the following groups: UK nationals nationals of the Republic of Ireland nationals of Commonwealth countries who have the right to work in the UK nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities with settled or pre-settled status under the European Union Settlement Scheme (EUSS) (opens in a new window) nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and family members of those nationalities who have made a valid application for settled or pre-settled status under the European Union Settlement Scheme (EUSS) individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020 Turkish nationals, and certain family members of Turkish nationals, who have accrued the right to work in the Civil Service Further information on nationality requirements (opens in a new window) Working for the Civil Service The Civil Service Code (opens in a new window) sets out the standards of behaviour expected of civil servants. We recruit by merit on the basis of fair and open competition, as outlined in the Civil Service Commission's recruitment principles (opens in a new window). The Civil Service embraces diversity and promotes equal opportunities. As such, we run a Disability Confident Scheme (DCS) for candidates with disabilities who meet the minimum selection criteria. The Civil Service also offers a Redeployment Interview Scheme to civil servants who are at risk of redundancy, and who meet the minimum requirements for the advertised vacancy. Diversity and Inclusion The Civil Service is committed to attract, retain and invest in talent wherever it is found. To learn more please see the Civil Service People Plan (opens in a new window) and the Civil Service Diversity and Inclusion Strategy (opens in a new window). Apply and further information This vacancy is part of the Great Place to Work for Veterans (opens in a new window) initiative. The Civil Service welcomes applications from people who have recently left prison or have an unspent conviction. Read more about prison leaver recruitment (opens in new window). Once this job has closed, the job advert will no longer be available. You may want to save a copy for your records. Contact point for applicants Job contact : Name : Jamie Wright Email : recruitment@ofgem.gov.uk Recruitment team Email : recruitment@ofgem.gov.uk Further information Appointment to the Civil Service is governed by the Civil Service Commissions Recruitment Principles. You have the right to complain if you feel there has been a breach of these Recruitment Principles. In the first instance, you should raise the matter directly via recruitment@ofgem.gov.uk. If you are not satisfied with the response, you may bring your complaint to the Commission. For further information on bringing a complaint to the Civil Service Commission, please visit their website. Attachments Candidate Pack_Cyber Assurance Senior Opens in new window (pdf, 816kB) Role Profile_Assurance Senior Opens in new window (pdf, 141kB) Terms and Conditions April 2025 Opens in new window (pdf, 335kB)