IT Risk Manager

SSE has big ambitions to be a leading energy company in a low carbon world. Following our commitment to invest £12.5 billion in low carbon projects over the next 5 years, we have significant growth plans and are well on our way to achieving our ambition to build a world that's more sustainable and inclusive for you, your family, the community you live in and for generations to come.

Join us on our journey to net zero and help us power change.

Base Location: Flexible, however our preference is that you will be based in one of our key UK sites, which includes but is not limited to:- Glasgow, Perth, Aberdeen, Inverness, Reading or Havant.

Salary: £44,100 - £66,100 + performance-related bonus and a range of benefits to support your finances, wellbeing and family.

Working Pattern: Permanent | Full Time | Flexible First options available

What is the Role?

- Risk assessment: Conducting risk assessments to identify potential vulnerabilities and threats to the organisation's IT systems and infrastructure. This involves analysing the impact and likelihood of risks and evaluating the effectiveness of existing controls.

- Risk mitigation: Developing and implementing risk mitigation strategies to minimise the likelihood and impact of identified risks. This may involve developing policies, procedures, and controls to address specific risks, such as data breaches, system failures, or cyber attacks.

- Compliance: Ensuring that the organisation is compliant with relevant regulations and industry standards. This involves keeping up-to-date with changes in regulations, and ensuring that the organisation's IT systems and processes are aligned with these requirements.

- Incident management: Respond to incidents and breaches in compliance to understand the associated risk and analyse the route cause.

- Training and awareness: Promote a Risk Culture to educate colleagues and stakeholders on IT risks and best practices. This includes promoting a culture of security awareness, and ensuring that employees understand their role in protecting the organisation's IT systems and data.

What do I need?

To be considered for this role, we would love you to have:

- Risk management expertise: A strong understanding of risk management principles and methodologies is essential. This includes knowledge of risk assessment techniques, risk mitigation strategies, and risk monitoring and reporting.

- IT knowledge and experience: A solid background in information technology is crucial. You should possess a good understanding of various IT systems, infrastructure, and technologies to effectively identify and assess IT-related risks. Familiarity with cybersecurity, data protection, and IT governance frameworks is highly desirable.

- Analytical and problem-solving skills: You need to be analytical thinker who can assess complex situations, identify potential risks, and propose effective solutions. Strong problem-solving skills are necessary to address IT risks in a proactive and systematic manner.

- Communication and collaboration: Effective communication skills are vital, you will be interacting with stakeholders at all levels of the organisation. You must be able to articulate complex IT risks in a clear and concise manner and provide recommendations to stakeholders. Collaboration skills are also important for working with cross-functional teams, such as IT, legal, compliance, security and senior leadership.

- Adaptability and continuous learning: The IT landscape is constantly evolving, and new risks and technologies emerge regularly. An IT risk manager should be adaptable to change and willing to continuously update their knowledge and skills. Staying informed about emerging threats, industry best practices, and regulatory changes is essential to effectively manage IT risks.

- In addition to these skills and experience, some important behaviours for an IT risk manager include being detail-oriented, proactive, ethical, and having a strong sense of integrity. They should be able to prioritise tasks, work well under pressure, and have the ability to influence and drive change within the organisation.

SSE IT underpins the technology needs of all the different businesses that make up the SSE group. From emerging technologies to data and analytics to cyber security - we power SSE's growth and enable it to generate value, while keeping it secure. As a trusted business partner that helps SSE lead in a low carbon world, we are proud of our service. Working for SSE IT is all about equipping SSE for now and the future.

We offer an excellent package with 34 days annual leave entitlement. Enhanced maternity/paternity leave, discounted healthcare, salary sacrifice car leasing and much more, view our full benefits package on our careers site.

As an equal opportunity employer we encourage diversity and are committed to creating an inclusive environment for all employees. We encourage applicants from all protected characteristics and commit to providing any reasonable adjustments you need during the application, assessment and upon joining SSE. Search for 'Inclusion & Diversity at SSE' to find out more.

All applications should be made online, and I'll be back in touch after the vacancy closing date to let you know the outcome.

If you would like to discuss any working flexibly requirements or adjustments you may require throughout the recruitment and selection process, please contact David on 01738 275846.

Before commencing your role with SSE, you'll need to complete our pre-employment screening process. This will consist of a criminality and credit check.