
Cyber Security Manager GB

Job in Solihull, West Midlands, B91, England, UK
Listing for: E.ON
Full Time position
Listed on 2025-12-30
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, IT Consultant, Information Security
Job Description & How to Apply Below
Position: Cyber Security Manager GB

Cyber Security Manager

We're looking for a Cyber Security Manager to be the cornerstone of IT security for npower Business Solutions (nBS), the Industrial & Commercial arm of E.ON UK. Based in Nottingham or Solihull, this permanent role (with FTC options considered) sits at the heart of our transformation - establishing and operating a robust Information Security Management System (ISMS), embedding best practices across our evolving BusDevSecOps culture, and providing expert guidance on everything from secure architecture and fraud prevention to emerging governance frameworks. Operating within the E.ON Group's overarching cyber security framework, you'll navigate a complex multi‑supplier ecosystem and lead the security agenda as we transition from a traditional service model to a modern product and DevSecOps environment. This role blends deep governance expertise with hands‑on technical acumen, advising stakeholders at all levels, including the C‑suite.

What you’ll be doing
  • Own cyber security, IT risk and controls for nBS - ensuring effective governance, risk management, and audit readiness are embedded and operating smoothly.
  • Lead threat and risk assessments to ISO 27005, producing consolidated risk reports, defining KRIs, and managing remediation plans through their lifecycle.
  • Develop, implement and mature the ISMS aligned to ISO 27001, Smart Energy Code (SEC) and emerging standards including ISO 42001 (AI Management) and the Cyber Assessment Framework (CAF) / CRA.
  • Promote heightened cyber risk awareness across nBS - running drop‑in sessions, roadshows, and targeted C‑suite engagement.
  • Act as a trusted adviser on strategies, controls, and architectural patterns to mitigate external threats, providing pragmatic guidance to product teams and leadership.
  • Drive compliance and certification across key regulations and standards: Smart Energy Code (SEC), Retail Energy Code (REC), PCI DSS, GDPR, Cyber Essentials, and the Cyber Assurance Framework - including planning and supporting internal control testing, and acting as primary liaison with internal / external auditors.
  • Be the security cornerstone in our product and DevSecOps transition - guiding secure architecture, secure coding practices, threat modelling, and integrating controls throughout the SDLC.
  • Manage third‑party security posture across our multi‑supplier ecosystem - covering onboarding, contractual controls, auditing, and ongoing reviews for SaaS, integration, and infrastructure providers.
  • Own legislation and compliance engagement for PCI DSS, DPA / GDPR, SEC, REC, CRA / CAF, and related UK initiatives (e.g., the Cyber Resilience Bill, the evolving UK Cyber Security Bill).
  • Scope and coordinate penetration tests - managing delivery with relevant teams and ensuring findings are triaged, tracked, and resolved in line with nBS's risk appetite.
  • Champion a culture of security - delivering coaching and presentations from engineering squads to the C‑suite, ensuring security is a value‑add, not a blocker.
What we need from you
Essential
  • Proven track record of taking companies through audits and certifications - planning, readiness, engagement, and successful outcome delivery (e.g., SEC / REC, Cyber Essentials, SOC 2 Type II, PCI DSS, ISO 27001).
  • A strong understanding of the UK energy sector's regulatory landscape, particularly Smart Energy Code (SEC) and Retail Energy Code (REC), with at least 5 years' experience in Smart.
  • Credibility and presence at senior level, with the confidence to engage and influence the C‑suite.
  • Experience operating in a complex, multi‑supplier environment - including onboarding, auditing, and ongoing review of third‑party security posture.
  • Hands‑on ISMS expertise - establishing, operating, and maturing an ISMS aligned to ISO 27001.
  • Strong technical acumen - secure architecture design, practical security guidance within DevSecOps or Agile settings, and integrating controls through the SDLC.
  • Significant experience in IT risk management - conducting assessments (e.g., ISO 27005), managing risks end‑to‑end, and defining meaningful KRIs.
  • Demonstrated subject matter expertise in at least two of: ISO 27001, ISO 42001, Data…