Cyber Security and Information Assurance Manager

Posted 1 week ago by Great British Energy - Nuclear

Negotiable
Warrington, England, United Kingdom

Summary: The Cyber Security & Information Assurance Manager will lead the development and execution of cyber security strategies for the Small Modular Reactor (SMR) programme at Great British Energy – Nuclear. This role focuses on securing industrial control systems and ensuring compliance with nuclear and cyber standards throughout the nuclear lifecycle. The position requires extensive experience in Operational Technology (OT) and a proactive approach to emerging threats. The successful candidate will work collaboratively to embed security into system design and delivery while fostering a culture of safety and innovation.

Key Responsibilities:

  • Lead the cyber security strategy for OT systems, including ICS, SCADA, and embedded control systems.
  • Ensure robust integration of cyber security into OT system architecture and lifecycle.
  • Develop and maintain the Information Assurance Framework tailored to OT environments.
  • Conduct OT-specific risk assessments, threat modelling, and vulnerability analysis.
  • Oversee cyber resilience testing and incident response planning for OT systems.
  • Drive secure integration and testing of OT platforms across the SMR project.
  • Ensure alignment with nuclear and OT cyber standards, including IEC 62443 and ISO/IEC 27001.
  • Act as the primary interface for Secure by Design (SbD) across OT systems.
  • Review and approve design proposals and changes for systems critical to safety, security, and safeguards.
  • Collaborate with the Design Authority and Nuclear Safety Committee (NSC) to embed SbD principles.
  • Lead engagement with internal engineering, IT, and regulatory teams.
  • Own relationships with external stakeholders including NCSC, ONR, and key subcontractors.
  • Facilitate design reviews and cyber assurance meetings focused on OT systems.
  • Develop and maintain OT-focused cyber security policies and processes.
  • Drive innovation in OT cyber security, leveraging modern technologies and methodologies.
  • Establish KPIs and performance metrics for OT cyber assurance.
  • Lead Learning from Experience (LfE) reviews and approve corrective actions.

Key Skills:

  • Extensive experience in cyber security management for OT environments, ideally within nuclear or regulated sectors.
  • Proven track record securing ICS, SCADA, PLCs, and other industrial control systems.
  • Strong knowledge of OT-specific standards and regulatory frameworks.
  • Experience in secure OT system design, implementation, and lifecycle management.
  • Excellent communication and stakeholder management skills.
  • Degree in Cyber Security, Information Assurance, Engineering, or related field.
  • Eligible for UK National Security Vetting – Security Check (SC).

Salary (Rate): undetermined

City: Warrington

Country: United Kingdom

Working Arrangements: undetermined

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Originally named Great British Nuclear, Great British Energy – Nuclear is an arm’s length body of the Department for Energy Security and Net Zero, dedicated to supporting the development and deployment of new nuclear technologies in Great Britain. We play a crucial role in advancing nuclear new build, ensuring the UK’s energy security and achieving net-zero carbon emissions. Great British Energy – Nuclear focuses on fostering innovation, facilitating investment, and coordinating efforts across the nuclear industry to build a resilient and sustainable energy future.

Great British Energy – Nuclear’s first step was to start the technology selection process for Small Modular Reactors (SMRs) in 2023. SMRs can potentially be quicker to deploy and less expensive to build than traditional nuclear power plants because they are smaller, have factory-based modular manufacturing and more flexible deployment options. In June 2025, Great British Energy – Nuclear announced that Rolls-Royce SMR had been selected as the preferred bidder to build the UK’s first SMRs, following a technology selection process that began in 2023.

Great British Energy – Nuclear is aiming to deliver fast, based on a supportive and collaborative culture which values equality and diversity and creates an inclusive workplace. We draw on deep nuclear expertise – our Executive Committee has over 100 years of nuclear experience at home and abroad. GBE-N will unlock billions of pounds of private and public investment from design to operation, helping to get sites ready for development, and working to grow manufacturing capacity and skills capability.

Our activities will be driven by our values, which are:

  • Trust – We prioritise safety, we act responsibly and with integrity.
  • Collaboration – We work as a team; we value diversity and expertise.
  • Challenge – We are curious and courageous in the way we think and act.
  • Care – We are thoughtful, inclusive and respectful of others.
  • Drive – We get things done and we make a difference.

If you have a disability and would prefer to apply in a different format or would like us to make reasonable adjustments to enable you to apply or attend an interview, please contact us at recruitment@greatbritishnuclear.uk and we will talk to you about how we can assist.

We are seeking a seasoned Cyber Security & Information Assurance Manager with deep expertise in Operational Technology (OT) to lead the development and execution of cyber security strategies for our SMR programme. This role is pivotal in securing industrial control systems (ICS), SCADA platforms, and other safety-critical OT environments across the nuclear lifecycle. You’ll ensure compliance with stringent nuclear and cyber standards while embedding security into the heart of system design and delivery.

Key Responsibilities

  • OT-Centric Cyber Strategy & Delivery
    • Lead the cyber security strategy for OT systems, including ICS, SCADA, and embedded control systems.
    • Ensure robust integration of cyber security into OT system architecture and lifecycle.
    • Develop and maintain the Information Assurance Framework tailored to OT environments.
    • Conduct OT-specific risk assessments, threat modelling, and vulnerability analysis.
    • Oversee cyber resilience testing and incident response planning for OT systems.
    • Drive secure integration and testing of OT platforms across the SMR project.
  • Compliance & Standards
    • Ensure alignment with nuclear and OT cyber standards, including:
      • IEC 62443 (Industrial Automation & Control Systems Security)
      • ISO/IEC 27001 (Information Security Management)
      • NCSC guidance and UK Cyber Essentials
      • ONR Security Assessment Principles (SyAPs)
  • Secure by Design Leadership
    • Act as the primary interface for Secure by Design (SbD) across OT systems.
    • Review and approve design proposals and changes for systems critical to safety, security, and safeguards.
    • Collaborate with the Design Authority and Nuclear Safety Committee (NSC) to embed SbD principles.
  • Stakeholder Engagement & Governance
    • Lead engagement with internal engineering, IT, and regulatory teams.
    • Own relationships with external stakeholders including NCSC, ONR, and key subcontractors.
    • Facilitate design reviews and cyber assurance meetings focused on OT systems.
  • Policy, Innovation & Performance
    • Develop and maintain OT-focused cyber security policies and processes.
    • Drive innovation in OT cyber security, leveraging modern technologies and methodologies.
    • Establish KPIs and performance metrics for OT cyber assurance.
    • Lead Learning from Experience (LfE) reviews and approve corrective actions.

Required Qualifications & Experience

  • Extensive experience in cyber security management for OT environments, ideally within nuclear, utilities, or other regulated sectors.
  • Proven track record securing ICS, SCADA, PLCs, and other industrial control systems.
  • Strong knowledge of OT-specific standards and regulatory frameworks.
  • Experience in secure OT system design, implementation, and lifecycle management.
  • Excellent communication and stakeholder management skills.
  • Degree in Cyber Security, Information Assurance, Engineering, or related field.
  • Eligible for UK National Security Vetting – Security Check (SC).

Desirable Attributes

  • Certifications such as GICSP, CISSP, CISM, IEC 62443, ISO 27001 Lead Implementer.
  • Experience in nuclear licensing and regulatory engagement.
  • Familiarity with SMR technologies and digital twin environments.
  • Strategic mindset with a proactive approach to emerging OT threats.
  • Experience managing cyber teams and working in client-side/employer roles.
  • Membership in relevant professional bodies.