Overview
Great British Energy – Nuclear is an arm's length body of the Department for Energy Security and Net Zero. We support the development and deployment of new nuclear technologies in Great Britain to advance energy security and achieve net-zero carbon emissions. GBE-N focuses on fostering innovation, facilitating investment, and coordinating efforts across the nuclear industry to build a resilient and sustainable energy future.
GBE-N began the technology selection process for Small Modular Reactors (SMRs) in 2023. In June 2025, Rolls-Royce SMR was selected as the preferred bidder to build the UK’s first SMRs, following a technology selection process that began in 2023.
GBE-N aims to deliver rapidly within a supportive and collaborative culture that values equality and diversity and creates an inclusive workplace. Our Executive Committee brings extensive nuclear experience, and the organisation will unlock significant private and public investment to bring sites to development, and grow manufacturing capacity and skills.
Our values are:
Trust – safety, acting with integrity; Collaboration – teamwork and diversity; Challenge – curiosity; Care – inclusivity and respect; Drive – delivering results.
If you require reasonable adjustments to apply or attend an interview, contact recruitment@greatbritishnuclear.uk.
Role Description
The IPT Safety, Licensing and Assurance Function seeks a Cyber Security and Information Assurance Manager to lead cyber security strategies for the SMR programme, focusing on Operational Technology OT systems and ensuring compliance with nuclear industry standards and regulatory requirements.
You will safeguard critical infrastructure, manage cyber risks, and ensure secure delivery of digital systems across the lifecycle of the SMR power station.
Key Responsibilities
* Lead the cyber security strategy for OT systems design within the SMR programme, including ICS, SCADA, and other safety/security-critical systems.
* Ensure compliance with relevant nuclear and cyber security standards, including: IEC 62443; ISO/IEC 27001; NCSC guidance and UK Cyber Essentials; ONR Security Assessment Principles SyAPs.
* Develop and maintain the Information Assurance Framework for the SMR project.
* Collaborate with engineering, IT, and regulatory teams to integrate security into system design and delivery.
* Conduct risk assessments, threat modelling, and vulnerability analysis for OT/IT environments.
* Oversee incident response planning and cyber resilience testing.
* Oversee Systems Integration and Testing.
* Manage relationships with external vendors, regulators, and stakeholders.
* Provide leadership and mentoring to cyber security personnel within the SLA division.
Secure by Design
* Act as the primary interface for all matters relating to the application of the Secure by Design philosophy across the project.
* Thoroughly review submissions related to SbD, including design proposals for systems important to Safety, Security and Safeguards; interaction with the Design Authority and the NSC.
Key Stakeholder Management
* Provide expert advice to the project on all matters concerning Cyber Security and Information Assurance.
* Manage internal relationships with security stakeholders.
* Ownership of external relationships, including NCSC and ONR.
* Maintain a register and tracking system for all Key Subcontracts.
* Facilitate and lead meetings related to design elements important to Cyber Security and Information Assurance.
Policy and Process
* The creation and maintenance of the policy and process required to enable risk-informed decision making concerning the design of systems for the SMR power station.
* Ownership of forward work plans that considers capability and capacity required to meet the demands of the project.
Innovation for Cyber Security and Information Assurance
* Drive innovation for Cyber Security and Information Assurance, to consider modern technologies and approaches.
* Drive economic efficiency and value for the taxpayer through robust oversight of all elements of Cyber Security and Information Assurance of the SMR power station, throughout the nuclear lifecycle.
Reporting & Performance Management
* Manage, review, and analysis of the demonstration of SbD across all elements of the project, to identify trends, risks, and areas for improvement.
* Development of KPIs and performance assessment.
* Approval of Corrective Action Plans where deficiency is acknowledged.
* Facilitate and lead review meetings related to Learning from Experience (LfE).
Qualifications, Experience & Skills
* Proven experience in cyber security management within critical infrastructure or nuclear environments.
* Strong expertise in Operational Technology (OT) and industrial control systems.
* In-depth knowledge of relevant codes, standards, and regulatory frameworks.
* Experience with secure system design, implementation, and lifecycle management.
* Excellent stakeholder engagement and communication skills.
* Degree in Cyber Security, Information Assurance, Engineering, or a related field.
* Ability to achieve UK National Security Vetting – Security Check (SC).
* Relevant certifications (e.g., GICSP, CISSP, CISM, ISO 27001 Lead Implementer) are highly desirable.
* Experience in nuclear licensing and regulatory engagement.
* Familiarity with SMR technologies and digital twin environments.
* Ability to work in a high-assurance, safety-critical context.
* Strategic thinker with a proactive approach to emerging threats and technologies.
* Experience working within a regulated industry (e.g., nuclear, utilities).
* Experience in managing a team.
* A solid understanding of various forms of functional/performance methodologies for Secure by Design.
* Experience in a client-side/employer role.
* Membership of a relevant professional body.
Seniority level
* Mid-Senior level
Employment type
* Contract
Industries
* Construction
#J-18808-Ljbffr