Skip to main content

Operational Technology (OT) Cyber Assurance Auditor

Scotland, Glasgow
Performance related bonus
Closing date
1 Aug 2024

Job Details

About the Role

Base Location: Flexible, however our preference is that you will be based in one of our key Scotland sites, which includes but is not limited to:- Glasgow, Perth, Aberdeen and Inverness.

Salary: up to £71,600 + performance-related bonus + a range of benefits to support your finances, wellbeing and family.

Working Pattern: Permanent | Full Time | Flexible First options available

As OT Cyber Assurance Auditor, you will focus on OT cyber security within the Transmission business, including broader IT elements supporting a net zero network. You will deliver risk-based cyber audits for Transmission's projects and operational assets, ensuring compliance with NIS-Regulations across security improvement programmes, strategic projects, and large-scale projects. You will interface with various business areas, including Group functions and other regulated areas, providing assurance to the Group level, Transmission Executive Committee, and Security Working Group on OT cyber security risk management. Audits typically range from 20-40 days, with ongoing support for key Transmission change programs. Your role will be instrumental in driving change where cyber risks impact the business.

This position is ideal if you have experience in OT, preferably within the electricity networks environment, and cyber security, and are looking to expand your knowledge in these areas. As OT Cyber Assurance Auditor, you will:

- Understand the Business and Impact of OT Cyber Risk - You'll build trusted relationships with the business, IT, OT, and Cyber Risk teams to gain a deep understanding of key processes, operations, and the strategic changes impacting the OT cyber risk profile.

- Balance Robust and Pragmatic Cyber Assurance and Advice - You'll use insights from your relationships across the group to support the scoping, delivery, and reporting of assurance via audit. You'll provide practical risk and assurance advice that considers business risk, impact, and current cyber security maturity.

- Prepare Reports, Communicate Results, and Agree Actions - You'll regularly report to management at all levels, prepare draft reports for review, discuss findings with management, and agree on actionable and proportionate responses with clear responsibilities and due dates.

- Ensure Actions Are Completed - You'll conduct follow-up activities to ensure agreed audit actions are completed as per the audit reports, documenting any changes clearly.

- Engage with Relevant Transmission Programmes - You'll collaborate with key Transmission cyber security programs to provide real-time assurance of these initiatives.

What do I need?

To be considered for this role, we would love you to have:

- Demonstrable experience with OT security frameworks and best practices - IEC 62433, NIST 800-82, NIST CSF, IEC 61580.

- A good understanding of OT systems within the electricity network sector.

- Ability to carry out security risk assessment or threat modelling of system architecture.

- Experience of writing reports for a wide range of stakeholders, including senior non-technical stakeholders.

- Hold or working towards holding a cyber security certification (e.g. GICSP, CISSP, CISA, CISM, CCSP).

Candidates for this role will be required to obtain vetting to SC level through UK Government. The criteria normally includes 5 years UK residency, further information can be found here: United Kingdom Security Vetting: Applicant - GOV.UK (

About our Business

SSE's Group Risk & Audit teams are responsible for supporting the SSE Group in meeting their risk management responsibilities, ensuring that we meet our obligations under the UK Corporate Governance Code. We undertake assurance reviews right across the business to help identify any risks that may impact our performance, integrity, solvency or liquidity, and offer appropriate recommendations to help mitigate these.

What's in it for you?

We offer an excellent package with 34 days annual leave entitlement. Enhanced maternity/paternity leave, discounted healthcare, salary sacrifice car leasing and much more, view our full benefits package on our careers site.

As an equal opportunity employer we encourage diversity and are committed to creating an inclusive environment for all employees. We encourage applicants from all protected characteristics and commit to providing any reasonable adjustments you need during the application, assessment and upon joining SSE. Search for 'Inclusion & Diversity at SSE' to find out more.

What happens now?

All applications should be made online, and I'll be back in touch after the vacancy closing date to let you know the outcome.

If you would like to discuss any working flexibly requirements or adjustments you may require throughout the recruitment and selection process, please contact Louise on 01738 351671.

Before commencing your role with SSE, you'll need to complete our pre-employment screening process. This will consist of a criminality and credit check.


We are driven by our purpose: to provide energy needed today while building a better world of energy for tomorrow.

We are a leading generator of renewable electricity and one of the largest electricity network companies in the UK.

We develop, own and operate low carbon infrastructure to support the zero-carbon transition.  This includes onshore and offshore wind, hydro power, electricity transmission and distribution grids, and efficient gas-fired generation, alongside providing energy products and services for businesses, and we have interests across Great Britain and Northern Ireland, Republic of Ireland, Japan, Spain, Portugal, Denmark and Poland.

Our twin focus of practicality and inspiration is a strategy that has seen us through more than 70 years.

We are UK listed, employing 10,000 talented and skilled people and are real Living Wage and Fair Tax Mark accredited.

Because we’re SSE, and we’re for a better world of energy – for everyone.


Company info

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert