Vacancies

14 jobs available

Hardware Asset Management (HAM) Analyst

Closing in 3 days View

Role area IT Information Services
Location Sellafield or Risley
Band 4B

About the role

The Hardware Asset Management (HAM) Analyst supports the HAM Manager(s). They are responsible for the day-to-day execution of the Hardware Asset Management process and are responsible for the effectiveness and efficiency of the process, governing the standards that ICT and Suppliers must adhere to. They ensure that the SL Configuration Management Database (CMDB) is healthy and presents a true representation of the relevant Configuration Items (CI’s) for Sellafield Ltd services, enabling this to be used to deliver business value. This includes governance of the supply chain, to identify, control, record, report, audit, and verify hardware service assets through their lifecycle, including basic asset relationships. Reporting into the SACM Lead, this role supports the HAM Manager(s) to enable them to lead Hardware Asset Management within SACM. Sellafield Ltd Information Services Organisation (ISO) own all ITSM processes. This role will support the day-to-day execution of the Hardware Asset Management process by effectively supporting the HAM Manager role. The scope of asset management in SL will be those assets agreed within the SL SACM CMDB Data Model. Records for such items will be created, managed and maintained within the SL SI CMDB under Individual contracts, with Governance activities being performed by the HAM Manager(s). This role has a key supporting role in delivering this. The Hardware Asset Management function is focused on maturing and optimising asset management processes, governance and data management practices across Sellafield Ltd ICT supply chain. This role plays a key part in driving continual service improvement, enhancing asset data quality, supporting audit and compliance activities, and ensuring suppliers operate in accordance with agreed HAM processes and standards.

Support the HAM Manager(s) in the delivery of HAM requirements across all IT Supplier contracts. Assure delivery of Supplier adherence to all policies and processes relating to HAM. Review and analyse HAM SLA/KPI reporting from the supply chain. Fully apprise the HAM Manager(s) when shortfalls in SLA/KPI achievement are identified. Support the health of the CMDB within the SL ITSM Toolset, including basic relationships between CI’s. Utilise the CMDB Data Model and make recommendations where necessary. Identify opportunities for improvements to the HAM process, working with Continuous Service Improvement. Produce HAM reporting and insights. Maintain volumetrics. Monitor and update the ITSM queue and tickets for HAM. Support the SACM Lead in setting SACM strategy, along with the HAM Manager(s). Support the implementation of new HAM techniques and methods. Support and maintain HAM information management systems, including data repositories and reporting dashboards. Champion the importance of SACM and be an advocate for SACM. Maintain a working knowledge of the latest SACM standards within the industry. To advise both ICT colleagues and Suppliers on HAM strategy and priorities. Act as Deputy on behalf of the HAM Manager(s) as required. Maintain volumetrics. Update HAM plans and reports. Demonstrable experience delivering Hardware Asset Management (HAM) and IT Asset Management (ITAM) services within a large, complex enterprise environment, including asset lifecycle management, data governance, reconciliation, and compliance activities. Knowledge of Service Management Best Practice....

Cyber Assurance Advisor 1

Closing date: 27/07/2026 View

Role area IT Information Services
Location Sellafield or Risley
Band 4B
Closing date: 27/07/2026

About the role

The Cyber Assurance Advisor I role is responsible for supporting the delivery of second-line cyber assurance across key technology domains, including Operational Technology (OT), Information Technology (IT), Technical Architecture, and Supply Chain. This role focuses on evaluating the effectiveness of cyber security controls, identifying areas of risk management, and ensuring that appropriate mitigation strategies are in place. Working under the direction of the Cyber Assurance Principal Advisor and in collaboration with the Cyber Assurance Team Lead, the postholders contribute to the organisation’s overall cyber resilience by conducting assurance activities, supporting compliance with internal and external requirements, and ensuring that findings are clearly communicated and addressed. Their work helps maintain a strong security posture and supports informed decision-making across the business.

Support the planning, coordination, and delivery of cyber assurance activities across IT, OT, technical architecture, and supply chain domains. Conduct cyber control testing, evidence reviews, and contribute to structured assurance assessments to evaluate the effectiveness of security measures. Assist in the development and presentation of assurance reports, dashboards, and metrics for internal stakeholders, enabling informed risk-based decisions. Maintain and update assurance documentation, including assessment records, evidence logs, and action tracking registers. Identify control weaknesses and/or gaps that create or increase risks. Collaborate with ICT, engineering, and supply chain teams to gather evidence, validate control implementation, and support timely remediation of identified issues. Contribute to regulatory and audit readiness by supporting evidence collation, documentation reviews, and preparation activities. Monitor and maintain awareness of emerging cyber threats, regulatory developments, and assurance best practices to inform assurance planning and execution. Support continuous improvement of assurance methodologies, tools, and processes to enhance the effectiveness and efficiency of cyber assurance activities. Participate in knowledge sharing and awareness initiatives to promote a strong cyber risk culture across the organisation. The Cyber Assurance Advisor I role operates within a complex and evolving digital environment where cyber threats are increasingly sophisticated and regulatory expectations continue to grow. This role sits within the second line of defence, providing independent oversight and assurance of cyber security controls across diverse domains including IT, OT, technical architecture, and supply chain. The postholders are expected to work collaboratively across business units, often engaging...

Closing date: 27/07/2026

Protective Monitoring Team Lead

Closing date: 27/07/2026 View

Role area IT Information Services
Location Sellafield or Risley
Band 3B Upper

About the role

To lead the Protective Monitoring team in delivering proactive and reactive monitoring of security events across the organisation’s technical infrastructure. The role ensures timely detection, analysis, and escalation of potential cyber threats, supporting the organisation’s resilience against security incidents. The Team Lead will manage operational processes, develop team capability, and ensure compliance with regulatory and organisational security standards.

Lead and manage the Protective Monitoring team, ensuring effective allocation of resources and prioritisation of tasks. Oversee the monitoring, detection, and analysis of security events using SIEM and related technologies. Ensure timely escalation and coordination of incident response activities in line with organisational policies. Maintain and improve protective monitoring processes, ensuring alignment with industry best practices and compliance requirements. Develop and maintain operational dashboards and reporting for senior stakeholders. Own KPIs and SLAs for the monitoring capability (MTTD, MTTR, false positive rate, ingestion latency) and provide executive reporting. Drive continuous improvement initiatives, including automation and optimisation of monitoring workflows. Provide leadership, coaching, and development opportunities for team members. Collaborate with other Cyber Security teams and stakeholders to enhance threat detection and response capabilities. Ensure adherence to data protection, confidentiality, and security standards across all monitoring activities. Decision-Making: Authority to prioritise monitoring activities and escalate incidents as per policy. People Management: Direct line management of Protective Monitoring Analysts. Systems Access: Elevated access to monitoring tools and platforms for operational oversight. Part of the emergency response arrangements. Some on call working may be required. Ability to achieve SC and NPPV Clearance. Degree or equivalent experience in a relevant discipline (e.g., Cyber Security, Computer Science, Digital Forensics). Proven experience in cyber security operations, specifically in protective monitoring or SOC environments. Demonstrated experience of strong knowledge in information security principles (security principles applied to architecture,...

Chief Medical Officer

Closing date: 23/07/2026 View

Role area NEHSQ
Location Sellafield West Cumbria
Band PCH
Closing date: 23/07/2026

About the role

The Chief Medical Officer (CMO) establishes, directs, oversees and leads Occupational Health (OH) standards across the business, acting as the senior authority on all health matters, providing strategic medical leadership across the Enterprise. To ensure that all matters relating to health within the business are addressed appropriately, taking due account of business risk, business impact, cost and schedule implications, and ensuring delivery of defined OH services that support a safe, healthy and legally compliant workforce. The CMO provides strategic and professional oversight of Occupational Health services, including but not limited to: Management referrals. Health surveillance. Statutory and task-related medicals. Substance misuse sampling and reporting. In addition, the CMO also carries out the Medical Officer (MO) role, undertaking the duties as described in the MO Job Profile. Our Occupational Health department provides a professional and technical support service to the Company and forms a key part of SL site’s first aid provision and medical emergency response to radiological and non-radiological emergencies. The Occupational Health function operates within a complex, highly regulated environment. In addition to preventative and advisory health services, the department forms a critical role in supporting resilience and medical preparedness. The Chief Medical Officer plays a key leadership role in ensuring medical readiness, resilience and professional standards within this operational context.

Represent the interests of SL regarding health issues across the population of external customers, partners, stakeholders and special interest groups, including: - Chair of the Compensation Scheme for Radiation-Linked Diseases. - Representing the company and workers on the National Registry for Radiation Workers, working group, alongside UK Health Security Agency (UKHSA). - Liaise with the Nuclear Decommissioning Authority (NDA), Trade Unions and Office of Nuclear Regulation (ONR). Ensure that appropriate and adequate services, skills, capabilities and resources are distributed within the OH department in order to maintain effective service delivery. Provide direction on work, goals, targets and priorities within the OH department. Delegate appropriate level of authority to OH team members, leading a team of Occupational physicians and nursing staff, including a 24/7 shift nursing team. Ensure the provision and maintenance of the OH department including ensuring adequate succession and development plans are in place to maintain OH capability and delivery. Oversee assurance programme for audit within the business and for external organisations such as Lloyd’s Register Quality Assurance (LRQA) and the Faculty of Occupational Medicine for SEQOHS accreditation. Lead on business continuity and recovery for Occupational Health and all things medical within SL. Liaise with Value Stream Leads, Group Business Services (GBS), Human Resources (HR) and Security Vetting to ensure operational alignment within statutory law and ethical guidance. Ensure that all relevant health legislative requirements and standards are incorporated within the SL Management System and that processes are effective and...

Closing date: 23/07/2026

Cyber Process Manager

Closing date: 27/07/2026 View

Role area IT Information Services
Location Sellafield or Risley
Band 3B Lower
Closing date: 27/07/2026

About the role

The Cyber Process Manager is responsible for designing, implementing, and continuously improving cyber security processes across Sellafield Ltd to ensure they are efficient, consistent, and aligned with regulatory, operational, and business requirements. The role plays a critical part in embedding structured, repeatable, and auditable practices that underpin the organisation’s compliance, and assurance activities. Operating within a highly regulated and technically complex environment, the postholder works closely with compliance, assurance, and ICT delivery teams to ensure that cyber processes are integrated into day-to-day operations and support strategic objectives. The role also contributes to audit readiness, regulatory engagement, and the development of a mature, process-driven cyber security function that can adapt to evolving threats and expectations.

Lead the design, documentation, and implementation of cyber security processes and workflows. Ensure cyber processes align with CAF principles, regulatory requirements (e.g., ONR SyAPs, NISR 2003), and internal governance frameworks. Collaborate with cyber risk, compliance, and assurance teams to ensure process integration and consistency. Monitor process performance using KPIs and metrics; identify and implement improvements. Support internal and external audits by ensuring process documentation and evidence are maintained and accessible. Act as a subject matter expert on cyber process management, providing guidance to ICT and business stakeholders. Drive process automation and standardisation to improve efficiency and reduce operational risk. Maintain a central repository of cyber security process documentation and ensure version control and accessibility. Support regulatory engagement with the ONR by ensuring cyber security processes are transparent, well-documented, and demonstrably aligned with regulatory expectations. Provide evidence and process insights during inspections, audits, and formal reviews. Support the Head of GRCA and Cyber Risk Team Lead in embedding a culture of process excellence and continuous improvement. Budget Responsibility: Contributes to process improvement initiatives within the GRCA budget. Matrixed Line Management responsibility. Decision-Making Authority: Authority to define and approve cyber process documentation and improvement plans. Strong experience in process design and improvement, ideally within a cyber security or ICT environment. Familiarity with process frameworks such as ITIL, COBIT, or ISO 27001. Understanding of cyber security principles and regulatory requirements (e.g., CAF, NISR, ONR SyAPs). Experience...

Closing date: 27/07/2026

Corporate Lead – Conventional Safety

Closing date: 27/07/2026 View

Role area NEHSQ
Location Sellafield West Cumbria
Band 3A Lower

About the role

A Health and Safety Lead acts as the functional authority within Sellafield Ltd for specific Health & Safety (H&S) discipline (e.g. Conventional Health & Safety, Radiological Protection, Occupational Hygiene, Chemical Safety / COMAH, Fire Protection, Management of Contractors, Governance and Oversight, Regulatory Integration). They ensure that all matters related to the assigned discipline are effectively managed, with appropriate consideration of business risk, cost, and schedule impact. The job holders are responsible for shaping company-wide policy, defining standards, setting improvement objectives, and providing assurance to the SHEQ Director, SHEQ Lead Team and H&S Duty Holders on company safety performance.

Act as the senior authority for Conventional Safety and source of corporate knowledge, in order to provide specialist advice, guidance and services to the business. Shape company H&S strategy and policy, and provide the safety ‘rules and tools’ required to support the safe execution of the Sellafield Plan. Ensure that all relevant legislative requirements, standards and industry good practice are interpreted and incorporated within the Sellafield Ltd Management System. Define company improvement objectives and targets, and establish Key Performance Indicators to measure and monitor performance against those targets. Act as an Intelligent Customer for H&S; owning and overseeing outsourced work, ensuring specifications are clear, outputs meet regulatory and safety standards, and Sellafield Ltd retains accountability for safety-critical decisions. Ensure that effective governance arrangements are implemented across the enterprise and assure the business on performance against legislative and company standards and targets. Ensure accurate and timely reporting of significant H&S issues and ensure that effective corrective action plans and improvement programmes are developed and implemented to address gaps in regulatory compliance. Promote a culture of organisational learning to continually improve performance. Identify and provide ownership and active management of enterprise level H&S risks. Act as a conscience of the organisation, intervening as appropriate to challenge activities which threaten H&S standards and performance. Own and continuously enhance the company’s Health & Safety training programmes, ensuring alignment with regulatory and operational requirements. Define company nuclear baseline and SQEP requirements for key H&S roles....

Security, Culture, Education & Awareness Practitioner

Closing in 3 days View

Role area IT Information Services
Location Sellafield or Risley
Band Band 5 Upper

About the role

To support the delivery of cyber security culture, education, and awareness initiatives across Sellafield Ltd. The role contributes to embedding secure behaviours and reducing human-related cyber risk by designing and delivering engaging content, campaigns, and training aligned to the Cyber Assessment Framework (CAF) and the organisation’s cyber strategy. The postholder will work collaboratively across Cyber Security, HR, Training, and Communications to help build a strong security culture and support the development of the CS&IA capability.

Support the implementation of the Cyber Security Culture, Education & Awareness Strategy. Design and deliver cyber awareness campaigns, training materials, and communications tailored to varied audiences. Assist in the development and maintenance of the SCEA career pathway and competency framework. Contribute to the evaluation of education and awareness programmes, gathering feedback and behavioural metrics. Collaborate with internal stakeholders to embed cyber awareness into organisational learning and development programmes. Maintain accurate records of training delivery, campaign outcomes, and SQEP role mapping. Support the development of knowledge management materials and sharing of lessons learned. Provide input into the identification of training needs and development opportunities for the SCEA capability. Engage with external providers and forums to benchmark and incorporate best practices. Promote cyber security awareness across the organisation through events, briefings, and internal communications. Contribute to the development of professional qualifications and accreditation pathways for the capability. Assist in the onboarding and development of new team members within the SCEA function. Operates under the guidance of the SCEA Team Lead. No direct line management responsibilities. May lead discrete work packages or campaigns within the SCEA strategy. Contributes to planning and delivery over a 1–3year horizon. Interfaces with stakeholders across Cyber Security, HR, Training, and Communications. Experience in delivering cyber security awareness, education, or behavioural change initiatives. Strong communication skills, with the ability to tailor messaging to technical and non-technical audiences. Understanding of...

Threat Hunter Opportunities

Closing in 3 days View

Role area IT Information Services
Location Sellafield or Risley
Band 4A 3BL

About the role

To deliver advanced and proactive threat hunting and analysis activities that identify indicators of compromise and adversary tactics across Sellafield Ltd’s IT & OT environments. These roles are instrumental in strengthening cyber resilience by uncovering hidden threats, supporting incident response and improving detection capabilities. The Senior Threat Hunter, as a technical specialist, leads continuous improvement, mentors junior staff and ensures compliance with regulatory and organisational security standards, while the Threat Hunter contributes technical expertise and supports capability development within the threat team. Both positions operate within the regulated nuclear environment to ensure resilience, compliance and the safe and secure operation of the site.

For both roles, with the senior role leading/directing and the junior role supporting/delivering: Develop and maintain structured threat hunting methodologies and playbooks to ensure repeatable, high‑quality hunting activities. Execute threat hunting activities to identify indicators of compromise and emerging attack techniques. Identify telemetry gaps and work with the SOC engineering team to improve data visibility and detection logic across IT and OT environments. Adapt hunting methodologies for OT environments, considering unique constraints such as limited telemetry, legacy systems, and operational safety requirements. Analyse threat intelligence and correlate findings with internal telemetry to detect potential risks. Develop and refine/test hunting hypotheses based on adversary TTPs and frameworks such as MITRE ATT&CK. Produce clear, actionable reports and recommendations for remediation and risk reduction. Assist incident response by providing technical analysis and threat context during investigations. Drive/Contribute to automation and scripting initiatives to streamline hunting workflows. Maintain awareness of threat actor behaviours, tools, and emerging vulnerabilities. Support/mentor capability development within the Threat team through knowledge sharing and best practices. Ensure adherence to data protection, confidentiality, and security standards in all threat hunting activities. Threat Hunter: Elevated access to threat hunting platforms, SIEM, and forensic tools. Senior Threat Hunter: Provide technical guidance and mentoring to junior staff Influence stakeholders across CS&IA, HR and the wider Sellafield Ltd organisation Practical (threat hunter) or extensive (senior threat hunter) experience in threat hunting, SOC operations, or cyber forensics. Understanding of...

Head of Quality Standards & SEMS

Closing in 3 days View

Role area NEHSQ
Location Sellafield West Cumbria
Band 3A Upper

About the role

The postholder owns the Sellafield Enterprise Management System (SEMS) and is responsible for the design, development and delivery of a simplified, fit‑for‑purpose management system that enables the enterprise operating model, improves organisational performance and strengthens regulatory confidence. The role is accountable for ensuring that Quality standards and relevant good practice aligned with ISO 9001 are effective and embedded across organisational arrangements and delivery processes. They provide enterprise‑wide leadership, governance and assurance of the Sellafield management system to ensure compliance with Nuclear Site Licence Condition 17, relevant regulatory obligations, legal requirements and international standards.

Own the Sellafield Enterprise Management System (SEMS), ensuring it remains coherent, controlled, and aligned with the enterprise operating model, regulatory requirements and organisational needs. Lead the design, development and delivery of simplified, fit‑for‑purpose arrangements, enabling efficient business processes, improved organisational performance and strengthened regulatory confidence. Set, maintain and embed Quality standards and relevant good practice aligned with ISO 9001, ensuring they are consistently applied across organisational arrangements and delivery processes. Provide enterprise‑wide governance and assurance of SEMS compliance, ensuring effective adherence to Nuclear Site Licence Condition 17, relevant regulatory obligations, legal requirements and international standards. Provide authoritative SEMS leadership, guidance and specialist advice to operational delivery organisations, working closely with the Head of Core SHEQ Services to ensure consistent, high‑quality support. Ensure clear, disciplined and consistent control of SEMS documentation, configuration and change, maintaining the integrity of the system and supporting efficient business operation. Lead continuous improvement of SEMS and Quality arrangements, ensuring they remain streamlined, performant and aligned with evolving organisational expectations and relevant good practice. Monitor, evaluate and report on the performance and maturity of SEMS and Quality arrangements, providing insight, challenge and recommendations to senior leaders to strengthen compliance and delivery confidence. Identify and manage SEMS risks, ensuring effective mitigation, escalation when necessary, and clear visibility to the SHEQ Director and senior leadership. As a member of the SHEQ Lead Team: ensure a positive SHEQ culture is established and maintained, with SHEQ considerations remaining central to decision‑making; ...

Threat Intelligence Opportunities

Closing in 3 days View

Role area IT Information Services
Location Sellafield or Risley
Band 4A 3BL

About the role

The Threat Intelligence function at Sellafield Ltd is responsible for planning, gathering, processing, and analysing cyber threat information specific to Sellafield Ltd and the broader civil nuclear sector. The team transforms this information into valuable and actionable intelligence to inform risk management, security operations, and strategic planning, supporting the proactive defence of the organisation’s critical assets. This is a newly established threat function within the Cyber Security Operations function at Sellafield Ltd, designed to strengthen the organisations cyber security posture. Sellafield operates in a uniquely complex, regulated and high-stakes nuclear environment, where protection of critical assets is paramount. The role must navigate the challenges of building foundational cyber capabilities from the group up, establishing robust security practices, integrating advanced detection technologies, and developing tailored processes to suit both legacy and emerging technologies. Operating at the intersection of IT and OT the function must ensure seamless delivery, compliance with stringent regulatory frameworks, and resilience against evolving threats.

For both roles, with the senior role leading/directing and the analyst role supporting/delivering: Plan, gather, process, and analyse information from varied sources (open, closed, internal, dark web) relevant to Sellafield Ltd and the civil nuclear sector. Produce high-value intelligence outputs, ranging from technical indicators to strategic advisory for business and operational risk decision-makers. Assess emerging threats, actor tactics, vulnerabilities, and trends; contextualise findings for impact on the organisation. Collaborate with SOC, engineering, and incident response teams to ensure intelligence integration and alignment with current and future threats. Maintain relationships with external partners, government, and sector-specific threat-sharing groups. Develop and enhance processes, methodologies, and policies for the threat intelligence function. Additional duties for Senior Analyst: Lead/direct the planning, gathering, processing and analysis of information from varied sources relevant to Sellafield Ltd and the civil nuclear sector. Drive strategic intelligence initiatives and innovation in analytic practices. Mentor, develop, and manage junior analysts. Represent CS&IA in threat intelligence communities and forums. For Senior Threat Intelligence Analyst: Direct line management responsibility for junior analysts, including mentoring and performance management. Act as the primary escalation point within the threat intelligence function for complex or high-impact threats. Owns the panning and prioritisation of the threat intelligence programme, including developing internal requirements and driving external collaboration. Accountable for quality assuring the key threat intelligence reports and outputs consumed by senior stakeholders and board-level decision makers. Provide subject matter expertise and guidance for...

Location

Contract type

Band

Fill in the form that pops out with your email address and desired contact frequency then click the 'Subscribe' button on the form.

You will have the choice to opt out of the alert in the email confirmation.