SGN

Head of Cyber Governance, Risk and Compliance

SGN  •  London, GB (Hybrid)  •  6 days ago

Job Description

London | Hybrid | Full-time | Personal Contract

Competitive pension scheme – Enhanced maternity/paternity pay – Life assurance – HolidayPlus – Cycle2work Scheme & more

REQ5121

As a strategic leader in Governance, Risk and Compliance, you will guide SGN’s cyber security and regulatory approach, ensuring our operations remain secure, resilient and fully compliant.

We deliver safety, warmth, and comfort to homes and businesses. Every role, whether in the office or on the front line, plays a key part in this mission. Here’s how you will contribute…

Governance, Risk & Compliance (GRC) Leadership

  • Lead and manage the GRC team, aligning cyber and business goals while ensuring compliance with NIS-R, ISO27001/2, and NIST-2.
  • Oversee delivery plans, resource allocation, and stakeholder engagement for GRC initiatives.

Training & Awareness

  • Develop and maintain SGN’s Information Security training and awareness materials.
  • Integrate lessons learned from incidents and address feedback from training delivery.

Information Security Policy & ISMS

  • Maintain a robust portfolio of security policies, standards, and procedures to support ISO27001, NIST, and NIS eCAF compliance.
  • Ensure policies are current, reviewed regularly, and approved by key stakeholders.
  • Manage SGN’s Information Security Management System (ISMS) and policy exceptions.

Compliance & Assurance

  • Monitor and report on compliance across SGN and third-party partners.
  • Lead assurance reviews and support internal/external audits for ISO27001, NIST, and NIS.
  • Own NIS submissions to OFGEM and support regulatory consultations and audits.

Risk Management

  • Oversee risk assessments and reporting across Cyber, OT, and Gas Control.
  • Establish and enforce risk management processes and reporting to the CISO.

Advisory & Stakeholder Engagement

  • Provide expert advice on information security risks and controls.
  • Maintain relationships with external bodies and represent SGN in relevant forums.

Performance & Reporting

  • Oversee security performance indicators and ensure timely reporting to internal and external stakeholders.
  • Manage bi-monthly phishing tests and remediation actions.

Regulatory & Funding Support

  • Ensure compliance with legal and regulatory changes, advising on business impact.
  • Support funding documentation for RIIO2 & RIIO3 programmes.
  • Track and report on audit actions and outcomes.

What you will need

Required Qualifications

  • The individual should be educated to degree level in a relevant discipline and must hold one of CISM/CISSP/CISA/TOGAF/CRISC.
  • Must have 5 years’ cyber security experience.
  • Must have proven expertise in Compliance Management, Information Security Risk and Audit.

Individual Competencies

  • Excellent understanding and hands-on experience of working with Regulators and providing compliance updates for an OT environment.
  • Excellent understanding of the NIS Regulations and the NCSC Cyber Assessment Framework.
  • Good understanding and practical experience of Cyber Security Frameworks and standards such as NCSC security principles, NIST Framework, ISO 27001, ISO27005, IEC62443 etc.
  • Excellent command of written English.
  • Strong interpersonal and relationship building skills.
  • The role will require Security Clearance.

Not sure you meet every requirement?

Research shows some people – particularly women and those from underrepresented backgrounds – may hesitate to apply unless they meet every criterion. At SGN, we value diverse backgrounds, experiences and perspectives.

If this role interests you but you’re not sure you tick every box, we’d still love to hear from you. You might be just who we’re looking for – now or in the future.

Why SGN?

SGN is a leader in pioneering research and development toward a net-zero energy system. Our cutting-edge technologies and innovative thinking are driving change in the gas industry, all while keeping people safe and warm.

If you require any accommodations or support during the application process, reach out to us. We're here to help ensure an inclusive and accessible experience for everyone.

About SGN

SGN manages the network which distributes natural and green gas to approximately six million homes and businesses across Scotland and southern England. Our pipes deliver gas safely, reliably and efficiently to each of these customers.

Our people are the heart of our business. We employ around 4,000 people who are dedicated to keeping our customers safe and warm by leading the way in energy delivery.

Emergency: We provide the National Gas Emergency Service day and night. We’ll always make the situation safe whether the gas emergency is inside or outside a property.

Connect: Every year, we connect around 20,000 customers to our network and we help thousands of our most vulnerable customers heat their homes for less.

Upgrade: We’re committed to upgrading our network and we use the latest technology as we replace, renew and maintain our pipes. We’re constantly innovating to ensure a safe, secure and sustainable future for our network.

Visit our website or follow us on social media to find out more about how we keep our customers safe and warm all day, every day.

Industry: Energy & Utilities
Company Size: 1,001-5,000 employees
Headquarters: Horley, GB
Year Founded: 2005
Website: sgn.co.uk