Vacancies

19 jobs available

Threat Intelligence Opportunities

Closing date: 20/07/2026 View

Role area IT Information Services
Location Sellafield or Risley
Band 4A 3BL

About the role

The Threat Intelligence function at Sellafield Ltd is responsible for planning, gathering, processing, and analysing cyber threat information specific to Sellafield Ltd and the broader civil nuclear sector. The team transforms this information into valuable and actionable intelligence to inform risk management, security operations, and strategic planning, supporting the proactive defence of the organisation’s critical assets. This is a newly established threat function within the Cyber Security Operations function at Sellafield Ltd, designed to strengthen the organisations cyber security posture. Sellafield operates in a uniquely complex, regulated and high-stakes nuclear environment, where protection of critical assets is paramount. The role must navigate the challenges of building foundational cyber capabilities from the group up, establishing robust security practices, integrating advanced detection technologies, and developing tailored processes to suit both legacy and emerging technologies. Operating at the intersection of IT and OT the function must ensure seamless delivery, compliance with stringent regulatory frameworks, and resilience against evolving threats.

For both roles, with the senior role leading/directing and the analyst role supporting/delivering: Plan, gather, process, and analyse information from varied sources (open, closed, internal, dark web) relevant to Sellafield Ltd and the civil nuclear sector. Produce high-value intelligence outputs, ranging from technical indicators to strategic advisory for business and operational risk decision-makers. Assess emerging threats, actor tactics, vulnerabilities, and trends; contextualise findings for impact on the organisation. Collaborate with SOC, engineering, and incident response teams to ensure intelligence integration and alignment with current and future threats. Maintain relationships with external partners, government, and sector-specific threat-sharing groups. Develop and enhance processes, methodologies, and policies for the threat intelligence function. Additional duties for Senior Analyst: Lead/direct the planning, gathering, processing and analysis of information from varied sources relevant to Sellafield Ltd and the civil nuclear sector. Drive strategic intelligence initiatives and innovation in analytic practices. Mentor, develop, and manage junior analysts. Represent CS&IA in threat intelligence communities and forums. For Senior Threat Intelligence Analyst: Direct line management responsibility for junior analysts, including mentoring and performance management. Act as the primary escalation point within the threat intelligence function for complex or high-impact threats. Owns the panning and prioritisation of the threat intelligence programme, including developing internal requirements and driving external collaboration. Accountable for quality assuring the key threat intelligence reports and outputs consumed by senior stakeholders and board-level decision makers. Provide subject matter expertise and guidance for...

Offensive Security Analyst

Closing date: 20/07/2026 View

Role area IT Information Services
Location Sellafield or Risley
Band 4A

About the role

Provide expert offensive cyber capabilities by leading and supporting the planning, execution and analysis of advanced penetration testing, red/purple team, vulnerability assessment and adversary simulation engagements. The objective is to uncover and proactively mitigate exploitable security weaknesses across IT, OT, Cloud and application environments, thereby supporting a resilient and continuously improving defensive posture for the organisation. The profile spans junior and senior responsibilities from conducting technical tests to mentoring junior analysts and contributing to the strategic development of the offensive security function. These roles operate at the front line of proactive cyber defence; this role challenges entrenched security assumptions and identifies risks before adversaries do. It involves rapidly adapting to technological and threat landscape changes, staying current with emerging threats and tools, and meeting shifting regulatory and organisational demands. Analysts must collaborate effectively, operate ethically, and contribute to continual improvement, knowledge transfer, and maturity of the organisation's offensive security capability.

Conduct penetration tests, vulnerability scans, and red/purple team engagements across infrastructure, applications, cloud and OT environments. Document findings, analyse exploitation risk, and contribute to technical and non-technical reporting. Maintain and update offensive toolsets according to best practice Support mitigation efforts and collaborate with other teams. Assist in adversary simulation scenarios to improve detection and response maturity. Maintain up to date knowledge of threats and offensive security techniques. Participate in scoping and remediation reviews. Maintain professional development and certifications. Operate with high stands of legality and ethics. Hands-on experience with offensive security tools and techniques (e.g., penetration testing frameworks, red/purple team tooling). Understanding of common security vulnerabilities, exploitation methods, and security controls. Good written and verbal communication for reporting and stakeholder engagement. CREST, CHECK, OSCP/OSCE or equivalent certification. Experience in nuclear, defence, or critical infrastructure environments. Experience integrating red team outcomes into blue team/detection engineering pipelines. Open VN Number of Vacancies: 2 Contact/s: Andrew Shutak The interviews for this vacancy are to be confirmed. ASW’s may have the right to apply for internal Sellafield Ltd vacancies. Please note if you are an Agency Supplied Worker you are required to attach evidence of all qualifications obtained to support your application. We require a minimum of A*-C (9-4) GCSE in English Language, Maths & Science/IT or equivalent / higher qualification. If you choose to apply for this role and your application is shortlisted by the...

Chief of Staff

Closing date: 20/07/2026 View

Role area NEHSQ
Location Sellafield West Cumbria
Band 3A Lower
Closing date: 20/07/2026

About the role

Responsible for integrating, coordinating, and enabling all SHEQ support activities required by the SHEQ Director and the SHEQ Lead Team. This includes coordination of SHEQ strategy, planning, governance, assurance, reporting, engagement, communication, improvement activity, and other requirements as defined by the SHEQ Director. The role acts as the primary coordinating interface for the SHEQ Director and Lead Team, ensuring clarity, alignment and disciplined execution across all SHEQ functions. Is the core integrator that enables the SHEQ Lead Team to operate as a cohesive, high‑performing leadership body. They ensure that key routine and strategic deliverables to the SHEQ Director, Executive and Board are planned, coordinated and delivered to the required quality, cadence and standard. Through effective integration, prioritisation and orchestration, the role enables the day‑to‑day and year‑on‑year activities of the SHEQ Lead Team to be visible, aligned and delivered at pace - strengthening organisational performance, supporting informed executive decision‑making, and ensuring that SHEQ expectations are consistently reinforced across the SHEQ organisation.

Coordinate and integrate delivery of the SHEQ strategy and ambition, ensuring clear translation of strategic objectives into actionable plans with the SHEQ Lead Team and monitoring progress against agreed priorities. Integrate SHEQ governance and assurance into coherent insight and action, ensuring that oversight, challenge, findings and risks are synthesised into clear messages, prioritised interventions and well‑governed decision‑making for the SHEQ Director and Lead Team. Own and manage SHEQ reporting, ensuring high‑quality, timely and insightful reporting to the SHEQ Director, Executive, Board and internal governance forums, with a focus on performance, risk and delivery confidence. Coordinate and drive SHEQ improvement programmes, ensuring prioritised, aligned and measurable improvements that enhance performance, culture and capability across all SHEQ disciplines. Examples include Workstream Lead for Target Operating Model, MAVE, NISCI, etc. Lead SHEQ communications and engagement, ensuring clear, consistent and effective messaging across the SHEQ organisation and enabling the SHEQ Lead Team to operate as a unified leadership body. Manage the SHEQ portfolio, overseeing financial planning, budget tracking, resource management, headcount oversight and routine SHEQ business delivery to ensure efficient and effective use of SHEQ resources. Coordinate day‑to‑day and long‑term delivery across the SHEQ Lead Team, ensuring SHEQ work programmes, commitments and routine deliverables are aligned, integrated and delivered to the required pace, quality and standard. Enable effective SHEQ Director engagement, acting as the primary coordinating interface to ensure the Director receives the right information, insight, support and alignment across all SHEQ functions. Develop, enable...

Closing date: 20/07/2026

Tier 3 Analyst

Closing date: 20/07/2026 View

Role area IT Information Services
Location Sellafield or Risley
Band 3B Lower
Closing date: 20/07/2026

About the role

To provide advanced cyber security monitoring, analysis, and incident response within the organisation’s security operations framework. The Tier 3 analysts are responsible for investigating escalated alerts, performing in-depth threat analysis, and supporting proactive measures, such as threat hunting to detect and mitigate cyber risks. This role ensures robust detection and response capabilities, continuous improvement of security processes to maintain organisational resilience and compliance.

Monitoring SIEM tools to assure high a level of security operations delivery function. Serve as an escalation point for more junior analysts, providing expert guidance and technical leadership. Lead investigations into high-severity or complex security incidents, coordinating containment and eradication efforts. Working with the engineering team, develop and optimise advanced detection rules, correlation logic, and automation workflows within SIEM and SOAR platforms. Inform proactive threat hunting and identify emerging attack patterns using frameworks such as MITRE ATT&CK. Review and enhance incident response runbooks; ensure they remain fit for purpose and aligned with best practices. Produce detailed post-incident reports and lessons learned, drive improvements across processes and tooling. Collaborate with technical teams to ensure new and changed services are integrated into monitoring and compliance frameworks. Mentor and coach more junior analysts, supporting their technical development and career progression. Deliver knowledge-sharing sessions and contribute to team training plans. Recommend and implement continual service improvements to strengthen cyber resilience. Ensure compliance with organisational security policies and regulatory requirements. Act as a subject matter expert for cyber security monitoring and incident response during audits and stakeholder reviews. Authority to escalate incidents and recommend containment actions. Elevated access to monitoring tools, SIEM, and forensic platforms for analysis. Some on call working may be required. Provides technical guidance and mentoring to junior analysts, influencing Security Operations Centre (SOC) operational strategy. Manage and develop a shift team of Tier...

Closing date: 20/07/2026

Hardware Asset Management (HAM) Analyst

Closing date: 20/07/2026 View

Role area IT Information Services
Location Sellafield or Risley
Band 4B

About the role

The Hardware Asset Management (HAM) Analyst supports the HAM Manager(s). They are responsible for the day-to-day execution of the Hardware Asset Management process and are responsible for the effectiveness and efficiency of the process, governing the standards that ICT and Suppliers must adhere to. They ensure that the SL Configuration Management Database (CMDB) is healthy and presents a true representation of the relevant Configuration Items (CI’s) for Sellafield Ltd services, enabling this to be used to deliver business value. This includes governance of the supply chain, to identify, control, record, report, audit, and verify hardware service assets through their lifecycle, including basic asset relationships. Reporting into the SACM Lead, this role supports the HAM Manager(s) to enable them to lead Hardware Asset Management within SACM. Sellafield Ltd Information Services Organisation (ISO) own all ITSM processes. This role will support the day-to-day execution of the Hardware Asset Management process by effectively supporting the HAM Manager role. The scope of asset management in SL will be those assets agreed within the SL SACM CMDB Data Model. Records for such items will be created, managed and maintained within the SL SI CMDB under Individual contracts, with Governance activities being performed by the HAM Manager(s). This role has a key supporting role in delivering this. The Hardware Asset Management function is focused on maturing and optimising asset management processes, governance and data management practices across Sellafield Ltd ICT supply chain. This role plays a key part in driving continual service improvement, enhancing asset data quality, supporting audit and compliance activities, and ensuring suppliers operate in accordance with agreed HAM processes and standards.

Support the HAM Manager(s) in the delivery of HAM requirements across all IT Supplier contracts. Assure delivery of Supplier adherence to all policies and processes relating to HAM. Review and analyse HAM SLA/KPI reporting from the supply chain. Fully apprise the HAM Manager(s) when shortfalls in SLA/KPI achievement are identified. Support the health of the CMDB within the SL ITSM Toolset, including basic relationships between CI’s. Utilise the CMDB Data Model and make recommendations where necessary. Identify opportunities for improvements to the HAM process, working with Continuous Service Improvement. Produce HAM reporting and insights. Maintain volumetrics. Monitor and update the ITSM queue and tickets for HAM. Support the SACM Lead in setting SACM strategy, along with the HAM Manager(s). Support the implementation of new HAM techniques and methods. Support and maintain HAM information management systems, including data repositories and reporting dashboards. Champion the importance of SACM and be an advocate for SACM. Maintain a working knowledge of the latest SACM standards within the industry. To advise both ICT colleagues and Suppliers on HAM strategy and priorities. Act as Deputy on behalf of the HAM Manager(s) as required. Maintain volumetrics. Update HAM plans and reports. Demonstrable experience delivering Hardware Asset Management (HAM) and IT Asset Management (ITAM) services within a large, complex enterprise environment, including asset lifecycle management, data governance, reconciliation, and compliance activities. Knowledge of Service Management Best Practice....

Chief Medical Officer

Closing date: 23/07/2026 View

Role area NEHSQ
Location Sellafield West Cumbria
Band PCH
Closing date: 23/07/2026

About the role

The Chief Medical Officer (CMO) establishes, directs, oversees and leads Occupational Health (OH) standards across the business, acting as the senior authority on all health matters, providing strategic medical leadership across the Enterprise. To ensure that all matters relating to health within the business are addressed appropriately, taking due account of business risk, business impact, cost and schedule implications, and ensuring delivery of defined OH services that support a safe, healthy and legally compliant workforce. The CMO provides strategic and professional oversight of Occupational Health services, including but not limited to: Management referrals. Health surveillance. Statutory and task-related medicals. Substance misuse sampling and reporting. In addition, the CMO also carries out the Medical Officer (MO) role, undertaking the duties as described in the MO Job Profile. Our Occupational Health department provides a professional and technical support service to the Company and forms a key part of SL site’s first aid provision and medical emergency response to radiological and non-radiological emergencies. The Occupational Health function operates within a complex, highly regulated environment. In addition to preventative and advisory health services, the department forms a critical role in supporting resilience and medical preparedness. The Chief Medical Officer plays a key leadership role in ensuring medical readiness, resilience and professional standards within this operational context.

Represent the interests of SL regarding health issues across the population of external customers, partners, stakeholders and special interest groups, including: - Chair of the Compensation Scheme for Radiation-Linked Diseases. - Representing the company and workers on the National Registry for Radiation Workers, working group, alongside UK Health Security Agency (UKHSA). - Liaise with the Nuclear Decommissioning Authority (NDA), Trade Unions and Office of Nuclear Regulation (ONR). Ensure that appropriate and adequate services, skills, capabilities and resources are distributed within the OH department in order to maintain effective service delivery. Provide direction on work, goals, targets and priorities within the OH department. Delegate appropriate level of authority to OH team members, leading a team of Occupational physicians and nursing staff, including a 24/7 shift nursing team. Ensure the provision and maintenance of the OH department including ensuring adequate succession and development plans are in place to maintain OH capability and delivery. Oversee assurance programme for audit within the business and for external organisations such as Lloyd’s Register Quality Assurance (LRQA) and the Faculty of Occupational Medicine for SEQOHS accreditation. Lead on business continuity and recovery for Occupational Health and all things medical within SL. Liaise with Value Stream Leads, Group Business Services (GBS), Human Resources (HR) and Security Vetting to ensure operational alignment within statutory law and ethical guidance. Ensure that all relevant health legislative requirements and standards are incorporated within the SL Management System and that processes are effective and...

Closing date: 23/07/2026

Radiometric Physics Manager

Closing in 3 days View

Role area Technical
Location Sellafield West Cumbria
Band 3B Lower

About the role

Radiometric Physics Managers lead and manage a team of Radiometric Physicists who apply nuclear physics expertise to support Radiometric Characterisation Services and Nuclear Material Assay operations across the site. The role ensures the delivery of high-quality technical support for both portable and installed assay systems, enabling accurate in-situ measurement and analysis. Managers are accountable for maintaining technical excellence, overseeing the Intelligent Customer function for radiometric physics activities performed by the supply chain, and ensuring alignment with regulatory and operational requirements.

Oversee the delivery of technical packages of work for Radiometric Characterisation Services ensuring radiometric physics principles are applied appropriately and correctly. Ensures consistent application of technical quality management and assurance. Performs checking and approval activities for radiometric physics deliverables. Represent their department/facility at internal and external meetings and forums, as appropriate. Maintain effective relationships with stakeholders, establishing and maintaining links to relevant internal groups and external agencies, g. colleagues in operations roles, Centres of Expertise and regulatory bodies. Management of budgets in relation to their area of responsibility. Contribute to the development of procedures, specifications and safety documentation. Supervision and line management of Radiometric Physicists (setting performance goals and standards of behaviour, active management of SQEP/training, ensuring attendance and absences are appropriately managed, conducting regular Check-in conversations and ensuring well-being of team members). Proactive management of team safety issues ensuring all are working in compliance with site health and safety procedures. Ensure adequate consideration of nuclear, conventional, industrial, radiological and environmental safety within technical outputs, by ensuring all work activities are to site standards, policies, processes and procedures. Ensure the team are continually developed through appropriate mentoring and training programmes to deliver best practice radiometric solutions against site requirements. Proactive management of team workload, deploying resources against priority tasks. Authorities & Dimensions Delivery of a portfolio of radiometric Tasks up to £1,000,000 in value. To oversee production of technical deliverables required to support Radiometric Characterisation Services...

Cyber Assurance Principal Advisor

Closing in 3 days View

Role area IT Information Services
Location Sellafield or Risley
Band 3B Lower

About the role

The Cyber Assurance Principal Advisor is responsible for leading the delivery of second-line cyber assurance across key domains including IT, OT, technical architecture, and supply chain. The role ensures cyber security controls are effectively assessed, risks are independently evaluated, and assurance activities are aligned with organisational priorities. They oversee a team of advisors, manage assurance planning and execution, and provide expert guidance on cyber risk and control effectiveness. The postholder acts as a key liaison between assurance, operational teams, and senior stakeholders, ensuring findings are clearly communicated and acted upon. They also support regulatory readiness, contribute to audit activities, and drive continuous improvement in assurance practices. The role requires strong leadership, technical insight, and the ability to influence across a complex and high-risk environment. The Cyber Assurance Principal Advisor operates in a high-stakes, highly regulated environment where the protection of critical infrastructure and sensitive information is paramount. The role demands a deep understanding of cyber risk across diverse domains; IT, OT, technical architecture, and supply chain within a complex organisational and technological landscape. With increasing regulatory scrutiny and evolving threat vectors, the postholder must ensure that assurance activities are both rigorous and adaptable to emerging risks. A key challenge lies in maintaining independence while working collaboratively with first-line teams across ICT, digital, engineering, and supply chain functions. The Principal Advisor must be able to challenge constructively, influence decision-making, and drive improvements without compromising relationships or operational delivery. The role also requires the ability to interpret and apply regulatory expectations, support audit and inspection readiness, and contribute to the organisation’s defensible assurance posture. Operating under the Cyber Assurance Team Lead, the postholder plays a critical role in shaping assurance strategy, delivering high-quality assessments, and supporting the continuous improvement of cyber maturity. The environment is fast-paced and demands a proactive, analytical, and resilient approach to managing competing priorities and complex assurance challenges.

Deliver second-line assurance activities across IT, OT, technical architecture, and supply chain domains. Conduct control effectiveness reviews, risk-based assessments, and thematic assurance activities. Provide expert input into the development of assurance frameworks, methodologies, and reporting. Collaborate with first-line teams and third-line audit to ensure comprehensive assurance coverage. Produce assurance reports and dashboards for governance forums and regulatory stakeholders. Support regulatory inspections and audits, including evidence collation and response coordination. Track and verify remediation of assurance findings and contribute to lessons learned. Maintain awareness of emerging threats, technologies, and regulatory expectations to inform assurance planning. Lead, mentor, and develop a team of cyber assurance advisors to build capability and consistency. Promote a culture of cyber risk awareness and accountability across the organisation. Budget Responsibility: None (contributes to assurance planning and resource prioritisation). Line Management: up to >5 resources. Decision-Making Authority: Authority to define assurance scope and report findings to the Cyber Assurance Team Lead. Reporting Line: Reports to Cyber Assurance Team Lead. Strong experience in cyber assurance, audit, risk management or control testing within a regulated environment. In-depth understanding of cyber security frameworks (e.g., NCSC CAF, ISO 27001, NIST CSF, NIST 800-53). Domain-specific knowledge in at least one of: OT, IT, technical architecture, or supply chain security. Strong analytical, reporting, and stakeholder engagement skills. Degree or equivalent experience in cyber security, engineering, or a related field. Relevant certifications (e.g., CISA, CISSP,...

Cyber Incident Management Co-ordinator

Closing in 3 days View

Role area IT Information Services
Location Sellafield or Risley
Band 4B

About the role

To deliver, evolve and implement the Sellafield Ltd approach to managing cyber incidents, including processes, roles and escalation paths across Sellafield Ltd. The role will be responsible for following best practices and incident preparedness throughout the organisation, aligning with regulatory frameworks such as the Cyber Assessment Framework (CAF). This includes working collaboratively across Cyber Security, HR, Finance, Legal and Communication teams to deliver enterprise-wide outcomes.

Deliver the Cyber Incident Management capability across Sellafield Ltd, aligned to CAF Objective D and the broader Cyber Security strategy. Aid in the development and implementation of the Cyber Incident Management Plan (CIMP). Focused on a site wide co-ordinated response. Drive and facilitate the evaluation of Incident preparedness programme to ensure effectiveness and alignment with business needs. Co-ordinate with HR, Training, Communications, Finance and the wider organisation in educating understanding and rehearsing roles & responsibilities during a cyber incident. Designing and facilitating development programmes to enhance incident preparedness across Sellafield Ltd. Coordinate and enhance post incident reviews for cyber incidents, ensuring continuous improvement. Perform Cyber Incident Exercises (CIE) to various audiences to enhance incident preparedness. Act as an incident commander when an incident arises, bringing the necessary resources together to drive incident resolution. Facilitate and conduct post incident reviews for continuous improvement. Act as an SME within the Incident management and cyber operations consultancy pillar across Sellafield Ltd. Contribute to the enhancement of the CIR capability. Facilitate relationships with external providers and institutions to support the capability pipeline and training delivery. Represent CS&IA in internal forums, promoting best practice and continuous improvement. Operates under the direction of the Incident Response Team Lead Influences stakeholders across Cyber Security, HR, and the wider organisation. Coordinate the Sellafield Ltd incident management process, working with HR, Communications, Finance and the wider organisation. Experience in cyber incident response...

Security, Culture, Education & Awareness Team Lead

Closing in 3 days View

Role area IT Information Services
Location Sellafield or Risley
Band 4A

About the role

To lead the development and implementation of a strategic approach to cyber security culture, education, and awareness across Sellafield Ltd. The role will be responsible for embedding secure behaviours, reducing human-related cyber risk, and ensuring alignment with regulatory frameworks such as the Cyber Assessment Framework (CAF). This includes owning the strategic direction for cultural transformation, leading capability development, and working collaboratively across Cyber Security, HR, Training, and Communications to deliver enterprise-wide outcomes. This is a newly established role within Sellafield Ltd’s Cyber Security function, created to address the increasing need for a strategic and coordinated approach to cyber security culture and awareness. The postholder will be instrumental in shaping how the organisation embeds secure behaviours and reduces human-related cyber risk. Operating in a complex and regulated environment, the role requires strong collaboration across multiple functions and the ability to influence cultural change at scale. The capability is in its early stages of maturity, requiring significant development to reach a business-as-usual standard, including the creation of career pathways, training programmes, and a motivated, skilled workforce.

Own and deliver the Cyber Security Culture, Education & Awareness Strategy, aligned to CAF Objective B and the broader Cyber Security strategy. Lead the development and implementation of a Cyber Security Capability Plan focused on behavioural change, education, and awareness. Define and maintain a career pathway and competency framework for the Security Culture, Education & Awareness (SCEA) capability. Lead the creation and development of the SCEA capability, including talent pipeline strategy. Collaborate with HR, Training, Communications, and Unions to embed cyber awareness into organisational learning and development programmes. Undertake capability analysis to assess resourcing needs and support the identification and provision of appropriately skilled resources. Manage the rotation and development of resources, supporting enterprise-wide priorities. Identify and recommend development opportunities for personnel within the capability, including professional qualifications and external accreditation. Lead the development and delivery of cyber awareness campaigns, training packages, and behavioural change initiatives. Oversee the evaluation of education and awareness programmes to ensure effectiveness and alignment with business needs. Manage relationships with external providers and institutions to support the capability pipeline and training delivery. Provide career development advice and support to individuals. Ensure accurate and robust records are maintained within HR systems, including SQEP role mapping. Support the development of centres of expertise and knowledge management arrangements for CS&IA. Represent CS&IA in internal and external forums, promoting best practice and continuous improvement. Line management of a small team 2 FTE. ...

Location

Contract type

Band

Fill in the form that pops out with your email address and desired contact frequency then click the 'Subscribe' button on the form.

You will have the choice to opt out of the alert in the email confirmation.