Overview
At Centrica, we’re building a more secure, resilient and digitally‑enabled future. As a Business Information Security Officer (BISO) you’ll play a pivotal role in modernising platforms, strengthening cyber‑resilience, and partnering with Technology CIOs to deliver secure outcomes.
Location
UK‑based hybrid role – occasional travel to sites.
Responsibilities
- Act as the trusted security partner to Technology CIOs and their leadership teams, providing pragmatic, risk‑based advice that enables confident business and technology decisions.
- Lead the execution of Centrica’s information security strategy within the business unit, ensuring alignment to organisational priorities, regulatory expectations and industry standards.
- Own information security risk management for the business unit, overseeing the identification, assessment and mitigation of risks and ensuring effective controls are designed, implemented and maintained.
- Embed security‑by‑design across technology initiatives and change programmes, working closely with delivery teams from ideation through to live operations to strengthen resilience.
- Serve as the primary escalation point for cyber security governance, incidents and resilience matters, ensuring issues are managed transparently and lessons learned drive continuous improvement.
- Provide clear, evidence‑based reporting and security awareness leadership, keeping senior stakeholders informed on security posture, key risks and progress while promoting a strong security culture.
Qualifications
- Extensive experience in cyber and information security leadership, operating in complex, regulated enterprise environments and influencing security outcomes at scale.
- Proven authority in security governance, risk management and compliance, with strong working knowledge of recognised frameworks and standards such as ISO 27001, NIST, COBIT and GDPR, and experience supporting control and assurance activities.
- Confident senior‑level communicator, experienced in briefing CIOs and business leaders, translating technical risk into clear business insight and influencing decisions through credibility, judgement and impact.
- Strong delivery mindset with the ability to manage multiple complex initiatives simultaneously, demonstrating consistent outcomes across risk management, incident response, assurance and security improvement programmes.
- Advanced capability in the safe and responsible use of AI and emerging technologies, including enterprise AI co‑pilots and knowledge assistants, with a clear understanding of accuracy, bias, compliance and escalation within defined governance guardrails.
- Resilient, adaptable leader with exceptional interpersonal skills, able to operate independently while contributing to wider leadership teams, motivating virtual and matrix‑managed teams and championing a strong, values‑led security culture.
Benefits
- Market‑competitive salary with an additional 15% Employee Energy Allowance.
- Comprehensive pension plan and fully‑funded company healthcare plan.
- Generous holiday allowance: 25 days plus public holidays, with the option to purchase up to 5 extra days.