Join us, be part of more.
We’re so much more than an energy company. We’re a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn’t rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That’s why working here is #MoreThanACareer. We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it.
About your team:
You’ll be working centrally within our mission control room, aka Centrica’s group functions. From Finance and Data Science, to our Wellbeing and People teams - this is the engine of our energy system, where our various Centres of Excellence power up each of our brilliant businesses, ensuring they have all the support, technologies, and capabilities they need to get our customers to Net Zero by 2050.
An opportunity to play your part –
As the successful candidate you will join the Centrica Centre of Excellence, focusing on Technology Risk management. Operating within the Group IT function, Digital Technology Services (DTS), you will facilitate interactions between the team, DTS, and Centrica business units. Your collaborative efforts will ensure that all Technology, Cyber Security and Information Security risks are identified and managed to protect Centrica’s customers, data, services, and systems. You will support the Cyber and Information Security Risk Manager by performing analytical work on Risk Posture and appetite, providing insights to the Board of Directors about current threats and the landscape. Additionally, you will help manage the Technology risk posture for the entire Centrica group. This role involves analysing existing risk mitigation strategies and cyber controls, communicating their effectiveness to the Manager, and suggesting improvements. Location:
UK, Windsor (talk to us about flexible working) The day to day : Ensure timely assessment and management of all Technology, Cyber and Information Security risks, including threat evaluations and mitigation measures. Partner to identify, assess, and manage all risks, and agree on actions to mitigate, monitor, and improve controls. Conduct regular risk assessments of key services, third parties, and regulatory commitments, and monitor remediation plans. Use risk assessment outputs to identify control gaps and weaknesses, providing direction to strategy and change programs to enhance control efficacy. Ensure all risks are treated or accepted in line with the risk appetite. Prepare monthly and quarterly risk reports, including a quarterly IT Risk submission for business units, and collaborate with Group-level risk functions on Cyber and Information Security risk reporting. Manage ad-hoc risk reporting requirements as required. Communicate risks and recommendations to senior leadership in non-technical terms, considering cost/benefit, to ensure Information Systems security. Keep abreast of the external security environment and emerging trends to support Cyber and Information Security risk management. Collaborate to help streamline and continuously improve risk management practices within the Group IT function (DTS) and Centrica business units. About you : Proven experience as a Technology Risk Analyst, covering all aspects of risk management for Technology, Cyber Security and Information Security. At least one relevant certification, such as CRISC, CISA, or equivalent. Proficiency in conducting risk and threat assessments according to industry standards, with a strong understanding of compensating controls. Comprehensive knowledge of risk assessment methodologies for Technology, Cyber Security, and Information Security. Deep understanding of Information Security technologies, including identity and access management, encryption, and multi-factor authentication. Ability to leverage external networks to stay updated on emerging threats and events to Technology, Cyber Security and Information Security. Familiarity with internal and external regulatory policies, standards, procedures, and controls (e.g., NIST, ISO27xx, NIS 2, PCI DSS). Experience with OT/IoT and Cloud Cyber Security threats, controls, and risks is beneficial but not essential. Awareness of trends and emerging threats in the power utilities, retail energy, and oil & gas industries is beneficial but not essential. Highly analytical with a methodical and structured approach, and strong attention to detail. Effective communicator, capable of simplifying complex technical issues for diverse stakeholders. Ability to drive technical consensus and facilitate agreements with challenging stakeholders, fostering collaborative relationships across the Group and other business lines. What's in it for you ? Enjoy a generous market salary ,
along with fantastic growth opportunities and a vibrant work environment! Power up your pay with a 15% Employee Energy Allowance, surpassing the government's price cap! Secure your future with our comprehensive pension plan, designed for peace of mind. Elevate your health with our fully-funded company healthcare plan, prioritizing your well-being. Recharge with a generous 25-day holiday allowance, plus public holidays, and even purchase up to 5 extra days for extended relaxation! Experience unparalleled work-life balance with an exceptional selection of flexible benefits, from tech treats and eco-friendly car leases to travel insurance for your adventures! Why should you apply? We’re not a perfect place – but we’re a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That’s why we’ve designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. If you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.
Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.
#J-18808-Ljbffr
As the successful candidate you will join the Centrica Centre of Excellence, focusing on Technology Risk management. Operating within the Group IT function, Digital Technology Services (DTS), you will facilitate interactions between the team, DTS, and Centrica business units. Your collaborative efforts will ensure that all Technology, Cyber Security and Information Security risks are identified and managed to protect Centrica’s customers, data, services, and systems. You will support the Cyber and Information Security Risk Manager by performing analytical work on Risk Posture and appetite, providing insights to the Board of Directors about current threats and the landscape. Additionally, you will help manage the Technology risk posture for the entire Centrica group. This role involves analysing existing risk mitigation strategies and cyber controls, communicating their effectiveness to the Manager, and suggesting improvements. Location:
UK, Windsor (talk to us about flexible working) The day to day : Ensure timely assessment and management of all Technology, Cyber and Information Security risks, including threat evaluations and mitigation measures. Partner to identify, assess, and manage all risks, and agree on actions to mitigate, monitor, and improve controls. Conduct regular risk assessments of key services, third parties, and regulatory commitments, and monitor remediation plans. Use risk assessment outputs to identify control gaps and weaknesses, providing direction to strategy and change programs to enhance control efficacy. Ensure all risks are treated or accepted in line with the risk appetite. Prepare monthly and quarterly risk reports, including a quarterly IT Risk submission for business units, and collaborate with Group-level risk functions on Cyber and Information Security risk reporting. Manage ad-hoc risk reporting requirements as required. Communicate risks and recommendations to senior leadership in non-technical terms, considering cost/benefit, to ensure Information Systems security. Keep abreast of the external security environment and emerging trends to support Cyber and Information Security risk management. Collaborate to help streamline and continuously improve risk management practices within the Group IT function (DTS) and Centrica business units. About you : Proven experience as a Technology Risk Analyst, covering all aspects of risk management for Technology, Cyber Security and Information Security. At least one relevant certification, such as CRISC, CISA, or equivalent. Proficiency in conducting risk and threat assessments according to industry standards, with a strong understanding of compensating controls. Comprehensive knowledge of risk assessment methodologies for Technology, Cyber Security, and Information Security. Deep understanding of Information Security technologies, including identity and access management, encryption, and multi-factor authentication. Ability to leverage external networks to stay updated on emerging threats and events to Technology, Cyber Security and Information Security. Familiarity with internal and external regulatory policies, standards, procedures, and controls (e.g., NIST, ISO27xx, NIS 2, PCI DSS). Experience with OT/IoT and Cloud Cyber Security threats, controls, and risks is beneficial but not essential. Awareness of trends and emerging threats in the power utilities, retail energy, and oil & gas industries is beneficial but not essential. Highly analytical with a methodical and structured approach, and strong attention to detail. Effective communicator, capable of simplifying complex technical issues for diverse stakeholders. Ability to drive technical consensus and facilitate agreements with challenging stakeholders, fostering collaborative relationships across the Group and other business lines. What's in it for you ? Enjoy a generous market salary ,
along with fantastic growth opportunities and a vibrant work environment! Power up your pay with a 15% Employee Energy Allowance, surpassing the government's price cap! Secure your future with our comprehensive pension plan, designed for peace of mind. Elevate your health with our fully-funded company healthcare plan, prioritizing your well-being. Recharge with a generous 25-day holiday allowance, plus public holidays, and even purchase up to 5 extra days for extended relaxation! Experience unparalleled work-life balance with an exceptional selection of flexible benefits, from tech treats and eco-friendly car leases to travel insurance for your adventures! Why should you apply? We’re not a perfect place – but we’re a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That’s why we’ve designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. If you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.
Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.
#J-18808-Ljbffr
