< Back to search

Centrica • United Kingdom

Cyber & Information Security Analyst

Employment type:  Full time

< Back to search

top 3 scores:
96%

Location flexibility

92%

Hours flexibility

88%

Autonomy

Apply now

Job Description

Join us, be part of more.

We’re so much more than an energy company. We’re a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn’t rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That’s why working here is #MoreThanACareer. We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it.

About your team:

You’ll be working centrally within our mission control room, aka Centrica’s group functions. From Finance and Data Science, to our Wellbeing and People teams - this is the engine of our energy system, where our various Centres of Excellence power up each of our brilliant businesses, ensuring they have all the support, technologies, and capabilities they need to get our customers to Net Zero by 2050.

An opportunity to play your part – As the successful candidate you will join the Centrica Centre of Excellence, focusing on Cyber and Information Security Risk management. Operating as the second line of defence within the Group IT function, Digital Technology Services (DTS), you will facilitate interactions between the team, DTS, and Centrica business units. Your collaborative efforts will ensure that Cyber and Information Security risks are identified and managed to protect Centrica’s customers, data, services, and systems.

You will support the Cyber and Information Security Risk Manager by performing analytical work on Risk Posture and appetite, providing insights to the Board of Directors about current threats and the landscape. Additionally, you will help manage the Technology risk posture for the entire Centrica group. This role involves analysing existing risk mitigation strategies and cyber controls, communicating their effectiveness to the Manager, and suggesting improvements.

Location: UK, Windsor (talk to us about flexible working)

The day to day –

  • Support the implementation of the Cyber and Information Security risk framework, ensuring timely assessment and management of security risks, including threat evaluations and mitigation measures.
  • Ensure Cyber and Information Security risks are either treated or accepted in accordance with the risk appetite.
  • Work with the IT teams to identify and assess Cyber and Information Security risks.
  • Ensure services are assessed and classified based on their Confidentiality, Integrity, and Availability.
  • Ensure periodic risk assessments of key services, third parties, and regulatory commitments are performed, and remediation plans are monitored.
  • Use the output of Cyber and Information Security risk assessments to identify control gaps and weaknesses and provide direction to strategy and change programs to improve control efficacy.
  • Work with the business units to understand their key Information Security risks and agree on actions to mitigate or monitor and improve their controls.
  • Prepare monthly and quarterly risk reports, including a quarterly IT Risk submission for business units, and collaborate with Group-level risk functions on Cyber and Information Security risk.
  • Manage ad-hoc risk reporting requirements as required.
  • Communicate risks and recommendations to senior leadership in non-technical terms, considering cost/benefit, to ensure Information Systems security.
  • Assist Legal and Compliance teams, including Data Protection and Privacy, with Information Security risks.
  • Stay informed about the external security environment and emerging trends to support Cyber and Information Security risk management.
  • Collaborate to streamline and enhance risk management practices within the Group IT function (DTS) and Centrica business units.

About you –

  • Demonstrated experience as a Cyber and Information Security analyst.
  • In-depth knowledge of risk assessment methods for Cyber and Information Security.
  • Proficiency in conducting risk and threat assessments according to industry standards, with expertise in compensating controls.
  • Experience in modelling threat scenarios to identify Cyber Security threats from new or evolving systems and applications.
  • Strong understanding of Cyber and Information Security technologies, including identity and access management, encryption, and multi-factor authentication.
  • Familiarity with trends and emerging threats in the power utilities, retail energy, and oil & gas industries is advantageous but not essential.
  • Ability to leverage external networks to stay informed about emerging Cyber and Information Security threats and events.
  • Knowledge of internal and/or external regulatory policies, standards, procedures, and controls (e.g., NIST, ISO27xx, NIS 2, PCI DSS).
  • Ideally, experience in a Cyber and Information Security risk function, or alternatively, experience in a 2nd or 3rd line role.
  • Experience with OT/IoT and Cloud Cyber Security threats, controls, and risks is beneficial but not required.
  • Highly analytical, with a methodical and structured approach and strong attention to detail.
  • Effective communicator, capable of simplifying complex technical issues for all stakeholders.
  • Ability to drive technical consensus and facilitate agreements with challenging stakeholders, fostering collaborative relations across Group and other lines of business.
  • Possession of at least one relevant certification, such as Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), or a similar credential.

What’s in it for you –

  • Competitive salary and bonus potential.
  • Employee Energy Allowance at 15% of the government price cap.
  • Pension scheme.
  • Company Funded Healthcare Plan.
  • 25 days holiday allowance, plus public holidays, and the option to buy up to 5 additional days.
  • Excellent range of flexible benefits, including technology vouchers, electric car lease scheme & travel insurance.

Why should you apply?

We’re not a perfect place – but we’re a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That’s why we’ve designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we’re a great place to work and what being part of more means for you.

https://www.morethanacareer.energy/centrica

If you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.


Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.

Company benefits

Adoption leave
Open to part-time employees
Enhanced sick days
Flexible working week
Enhanced sick pay
Gym membership
Health insurance
Mental health platform access
Compassionate leave
Dental coverage
Fertility treatment leave
Buy or sell annual leave
Optional unpaid leave
Shared parental leave
Enhanced maternity leave
Carer’s leave
Enhanced paternity leave
Pregnancy loss leave
Cycle to work scheme
Equity packages
Life insurance
Annual pay rises
Share options
Financial coaching
Employee discounts
Volunteer days
Company car
Travel loan
Enhanced pension match/contribution

We asked employees of Centrica what it's like to work there, and this is what they told us.

Location flexibility
96%
Employees are very happy with their working location freedom
Hours flexibility
92%
Employees are very happy with the flexibility in the hours they work
Benefits
82%
Employees are very happy with the benefits their company offers
Work-life balance
79%
Employees feel that they can switch off quite easily from work
Role modelling
83%
Employees feel that flexible working is part of the culture
Autonomy
88%
Employees feel they have complete autonomy over getting their work done

Additional employee ratings
(these do not contribute to the FlexScore®)

Diversity
80%
Employees feel that the diversity is good and there are continued efforts to improve it
Inclusion
82%
Employees feel like the company culture is brilliantly inclusive and equitable
Culture
84%
Employees feel like it is a really great environment to work in
Mission
85%
Employees feel very excited about and aligned with the company mission
Salary
72%
Employees feel that their salary is good and matches the value they bring

Working at Centrica

Company employees

20,000

Gender diversity (male:female)

68:32

Currently Hiring Countries

Denmark

United Kingdom

Office Locations

Awards & Achievements

2nd – Large companies

2nd – Large companies

Flexa100 2024
3rd – Consumer Goods

3rd – Consumer Goods

Industry awards 2023

Other jobs you might like