Technology Risk Management Analyst

Join us, be part of more. 

We’re so much more than an energy company. We’re a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that's energising a greener, fairer future by creating an energy system that doesn’t rely on fossil fuels whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion, and more potential. That’s why working here is #MoreThanACareer. We do energy differently - we do it all. We make it, store it, move it, sell it, and mend it. 
 

About your team: 

At British Gas, our mission is to sell it and mend it.   

We’ve been powering the UK’s homes and businesses for over 200 years – but supplying energy is just part of what we do. We’re making the UK greener and more energy efficient, getting closer to Net Zero. By using clever tech like thermostats, heat pumps, solar panels and EV chargers, we’re making it cheaper and easier for our customers to reduce their carbon-footprint.

An opportunity to play your part – The successful candidate will join the British Gas Energy (BGE) Technology Team, focusing on managing Technology Risk as the first line of defence. This role involves facilitating interactions between the Digital Technology Services team and BGE Technology, working collaboratively to identify and manage Technology risks to protect Centrica’s customers, data, services, and systems. The candidate will assist the Head of Risk and Compliance in performing analytical work on Risk Posture and appetite, providing insights into current threats and the risk landscape. Additionally, the role includes analysing existing risk mitigation strategies and technology controls, communicating their efficacy to the Manager, and suggesting improvements.

Location: UK, Windsor (talk to us about flexible working)
The day to day:

• Assist in implementing the Technology Risk and Controls framework, ensuring timely assessment and treatment of security risks.
• Ensure Technology risks are either mitigated or accepted in accordance with the risk appetite.
• Collaborate with IT teams to identify and assess Technology risks, including Cyber and InfoSec risks.
• Conduct periodic Technology risk assessments of key services, third parties, and regulatory commitments, and monitor remediation plans.
• Assess and classify services based on their Confidentiality, Integrity, and Availability.
• Use the output from Technology risk assessments to identify control gaps and weaknesses, providing strategic direction to improve control efficacy.
• Work with IT/OT teams to understand key Technology risks and agree on actions to mitigate or monitor and enhance controls.
• Produce quarterly IT Risk submissions for business units and collaborate with Group-level risk functions on Technology risk.
• Inform senior leadership of risks and recommendations in non-technical terms, considering cost/benefit, to ensure the security of Information Systems.

About You

• Preferred active certification from ISACA in one of the following domains:
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)

• Strong knowledge of Technology risk and control assessment methods.
• Proficient in Information Security technologies, such as identity and access management, encryption, and multi-factor authentication.
• Understanding of power utilities, retail energy, and oil & gas industry trends and emerging threats is useful but not essential.
• Ability to leverage external networks to understand emerging Cyber Security threats and events.
• Knowledge of internal and/or external regulatory policies, standards, procedures, and controls (e.g., COBIT, COSO, NIST, ISO27xx).
• Capability to understand business visions and strategy, anticipate associated risks from an Information Technology perspective, and facilitate business objectives while managing Technology risk exposure; acting as a trusted Technology risk advisor to the business.

What's in it for you?
 

• Enjoy a generous market salary, along with fantastic growth opportunities and a vibrant work environment!
• Power up your pay with a 15% Employee Energy Allowance, surpassing the government's price cap!
• Secure your future with our comprehensive pension plan, designed for peace of mind.
• Elevate your health with our fully-funded company healthcare plan, prioritizing your well-being.
• Recharge with a generous 25-day holiday allowance, plus public holidays, and even purchase up to 5 extra days for extended relaxation!
• Experience unparalleled work-life balance with an exceptional selection of flexible benefits, from tech treats and eco-friendly car leases to travel insurance for your adventures!

Why should you apply?  
 
We’re not a perfect place – but we’re a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That’s why we’ve designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we’re a great place to work and what being part of more means for you. 
 
https://www.morethanacareer.energy/britishgas 

If you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority.

Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.