Cyber Security Manager

Company: E.ON UK
Location: Nottingham
Job Description:

We’re looking for a Cyber Security Manager to be the cornerstone of IT security for npower Business Solutions (nBS), the Industrial & Commercial arm of E.ON UK.

Based in Nottingham or Solihull, this permanent role (FTC options considered) will sit at the heart of our transformation. You will establish and operate a robust Information Security Management System (ISMS), embed best practices across our evolving DevSecOps culture, and provide expert guidance on secure architecture, fraud prevention, and governance frameworks.

Operating within the E.ON Group cyber security framework, you will navigate a complex multi-supplier ecosystem and lead the security agenda as we transition from a traditional service model to a modern product and DevSecOps environment. This role combines governance leadership with hands-on technical expertise, advising stakeholders up to C-suite level.

Key Responsibilities

  • Own cyber security, IT risk, and controls for nBS, ensuring governance and audit readiness
  • Lead threat and risk assessments aligned to ISO 27005 and manage remediation plans
  • Develop and mature the ISMS aligned to ISO 27001, SEC, and emerging standards including ISO 42001 and CAF/CRA
  • Drive compliance across SEC, REC, PCI DSS, GDPR, Cyber Essentials and Cyber Assurance Framework
  • Support secure architecture, DevSecOps practices, and security integration across the SDLC
  • Manage third-party security posture across suppliers and partners
  • Coordinate penetration testing and oversee remediation of findings
  • Promote cyber risk awareness through engagement with engineering teams and the C-suite
  • Proven success delivering security audits and certifications (e.g., ISO 27001, SOC 2 Type II, PCI DSS, Cyber Essentials)
  • Strong knowledge of the UK energy regulatory landscape, particularly SEC and REC
  • Hands‑on experience establishing and operating an ISMS
  • Strong background in IT risk management and ISO 27005 assessments
  • Experience working in complex multi-supplier environments
  • Ability to engage and influence senior leadership and C-suite
  • Certifications: CISSP, CISM, ISO 27001 Lead Auditor/Implementer
  • Experience working in DevSecOps environments
  • Understanding of cyber resilience and data protection frameworks in energy markets

Why Join Us?

  • Sunday Times Best Place to Work 2025
  • 26 days annual leave + bank holidays, pension, bonus and flexible benefits
  • Hybrid and family-friendly policies
  • Inclusive employer recognised in the Inclusive Top 50 UK Employers

If you’re ready to shape the cyber security backbone of a leading energy business, we’d love to hear from you.

Posted: March 10th, 2026