×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Consultant Data Security

Security and Risk Specialist E. PLC

Job in Nottingham, Nottinghamshire, NG1, England, UK
Listing for: E.ON Gruppe
Full Time position
Listed on 2026-01-09
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Consultant, Data Security
Job Description & How to Apply Below
Position: Security and Risk Specialist E.ON PLC

Select how often (in days) to receive an alert:

We need everyone's positive energy and innovative thinking to lead the transition to new energy. That's why we welcome applications from all backgrounds and experiences and offer flexible working options to suit everyone!

We're looking for a Security and Risk Specialist to join our Digital Technology function on a permanent basis. This role can be based at Nottingham, Kingswinford or Solihull and offers a hybrid working model, allowing you to play a critical role in securing our technology landscape as the energy industry continues to transform.

Security and Risk Specialist
Here's what you'll be doing

As a subject matter expert, you’ll take ownership of IT risk and security controls across

E.ON UK, ensuring our technology, suppliers, and systems meet the highest standards of security, compliance, and resilience. Working in a complex multi-supplier environment, you’ll assess and manage IT risks end-to-end, ensuring appropriate mitigation plans are in place and executed effectively. You’ll act as a trusted advisor across the business, providing leadership, guidance, and challenge at all levels – including acting on behalf of the CTO when required.

Key Responsibilities

  • Lead the management of IT security risks and controls across

    E.ON UK, including supplier compliance, audits, certifications, and accreditations.
  • Define, implement, and maintain robust security controls across a complex multi-supplier technology environment.
  • Assess, document, and treat security risks, ensuring appropriate mitigation plans are developed and delivered.
  • Act as a security and risk champion across Digital Technology, providing guidance, coaching, and support to teams and suppliers.
  • Chair and represent

    E.ON in supplier security working groups and the wider

    E.ON security community, including engagement with CERT.
  • Set standards for security documentation, reviewing supplier outputs and ensuring alignment with best practice.
  • Scope, commission, and interpret penetration testing activities, translating findings into business-focused risk and remediation plans.
  • Effective management of security vulnerabilities by working with suppliers to identify, evaluate and remediate.
  • Work closely with Information Security, Internal Controls, Audit Services, and senior stakeholders to ensure continuity and consistency of controls.
  • Coach and support junior team members, contributing to capability and knowledge development across the function.
What we need from you

Essential

  • At least 5 years’ experience in IT security and architecture.
  • Strong experience working with cloud computing technologies.
  • Knowledge and practical experience of ISO 27001 and ISO 27002, including operating within an ISMS.
  • Proven track record of delivering security improvement initiatives and security awareness programmes.
  • Experience applying industry best practice frameworks such as NCSC, NIST, OWASP, SAMM, or SABSA.
  • Ability to provide security consultancy across multiple projects, advising on risk, treatment options, and controls.
  • Demonstrable experience conducting information security risk assessments, threat modelling and guiding others on effective risk management.
  • Experience scoping and managing penetration testing for internal and third‑party solutions.
  • Excellent written and verbal communication skills, with the ability to translate technical risk into business language.

Desirable

  • Experience working in a multi‑site, multi‑vendor environment.
  • Knowledge of vulnerability management tools such as Qualys or Wiz.
  • Professional security qualifications (e.g. CISSP, ISSAP, CISM, CRISC).
  • Experience providing third‑party security assurance during supplier selection and contract management.
  • Experience implementing or auditing ISO 27001, ideally as a lead auditor or implementer.
Here’s what you need to know
  • Award‑Winning Workplace – We’re proud to be named a Sunday Times Best Place to Work 2025 and the Best Place to Work for 16–34‑year‑olds
    .
  • Outstanding Benefits – Enjoy 26 days of annual leave plus bank holidays, a generous pension, life cover, bonus opportunities, and access to 20 flexible benefits with tax/NI savings.
  • Flexible & Family‑Friendly – Our…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search