Job Description

The IT Operations Security Lead is responsible for the overall Service Integration assurance and governance of our IT Infrastructure and Operations. The role provides support for Cyber Security-impacting Incidents (and Major/Critical Incidents), as well as SACM, vulnerability assessment and patch management, ensuring that our systems, applications, and data are adequately protected against potential threats and vulnerabilities.

The IT Operations Security Team will be responsible for identifying, assessing, and driving remediation efforts for vulnerabilities across Sellafield Ltd.’s on-premise and cloud infrastructure, adhering to stringent regulatory requirements and industry best practices. The IT Operations Security Team will also be responsible for Access Management, including the design, implementation and maintenance of identity and access management solutions, enforcement of access policies and conducting regular access reviews. The team is also the point of approval for privileged activities and privileged Identity Management, and permissions aligning to the change agenda.

The IT Operations Security Lead operates within a highly regulated and technically complex environment, where the protection of critical infrastructure, data, and services is paramount. This role is central to ensuring the integration of security governance across IT operations, bridging the gap between infrastructure management and cyber resilience. The operating landscape includes a hybrid mix of on-premise and cloud platforms, demanding a deep understanding of both legacy systems and modern architectures.

The role is challenged by the need to maintain operational continuity while responding to evolving cyber threats, managing vulnerabilities, and supporting incident response efforts. It requires close coordination with Cyber Security, Service Management, and Change teams to ensure that security is embedded into every layer of IT service delivery.
The lead must also navigate the complexities of identity and access management, ensuring that privileged access is tightly controlled and aligned with organizational change initiatives. Operating under stringent regulatory oversight, the role demands a proactive approach to compliance, audit readiness, and continuous improvement. Balancing strategic oversight with hands-on technical engagement, the IT Operations Security Lead must drive a culture of accountability, resilience, and secure-by-design thinking across the IT estate.

Principal Accountabilities

• Implement and manage robust security protocols and procedures, identifying potential threats and vulnerabilities across operational processes.
• Oversee regular vulnerability assessments, ensuring rapid response and ongoing improvement of penetration testing plans and methodologies across systems and applications.
• Ensure clear understanding within the IT Operations Security Team of the criticality and importance of information and technology resources to enable effective prioritisation of monitoring and remediation.
• Drive policies and best practices across shadow Operational Technology systems, manage Pyramid access, and ensure alignment with defined processes.
• Act as the primary liaison for security-related matters, maintaining strong communication with the Cyber Team and cross-sector stakeholders to enhance access to threat intelligence, security analytics, and contextual information.
• Collaborate closely with IT and Cyber teams to strengthen the organisation’s security posture, support incident response, and contribute to the development and implementation of security policies, including process and governance for certificate and encryption key management.
• Provide oversight for the Access Management capability, managing team workload and ensuring delivery of privileged access management, including provisioning, deprovisioning, and auditing.
• In collaboration with CS&IA, ensure VA and ITHC results are analysed, triaged, and risk-scored based on potential business impact.
• Ensure the organisation’s risk appetite for information security is understood and applied across the area of responsibility, and confirm all suppliers meet patch management requirements tied to SLA/KPI obligations.
• Analyse and escalate risks from SLA/KPI shortfalls, feeding into CS&IA for assessment and upward reporting through the Governance, Risk, and Compliance structure.
• Oversee the development, maintenance, and continuous improvement of the identity and access management framework and account-level principles, working with ISO/ICT and business stakeholders to align with wider regulatory and organisational priorities.

Authorities & Dimensions

• Responsible for the oversight and performance of the Operations Security Team, within Service Delivery. The team will have a primary focus across vulnerability, and identity and access management.
• Line management of:
  o IT Operations Security Analysts.
• Responsibility spans thousands of end users with a current Sellafield Ltd organisation size of circa 12,000, multiple locations and IT infrastructure, devices and applications.
• Implementing and overseeing a clear process for logging and monitoring identified vulnerabilities, root cause analysis, triage and prioritisation, and administration of corrective action.
• Working with relevant teams within ISO/ICT to set policy regarding updates, ensuring it is appropriate and in line with industry best practice. Where this policy is not enforceable, an appropriate senior-level risk owner should be identified and engaged on a regular basis.
• Building and maintaining relationships with relevant teams within ISO/ICT to ensure the importance of accurate cataloguing and classification of information and technology resources is understood.
• Provide coaching, mentoring and people management to the Service Operations Analyst.

Essential Skills

• Degree in Cyber Security / Information Security or equivalent practical experience.
• CSIMP or equivalent baseline certification.
• Strong knowledge of security processes, procedures, and vulnerability management (on-premise and cloud).
• Experience using vulnerability scanning/management tools and interpreting results.
• Proven ability to analyse security issues, assess risks, and recommend corrective action.
• Experience leading and mentoring security teams in a collaborative environment.
• Solid understanding of identity and access management (IAM) principles.
• Strong analytical skills, able to identify patterns, trends, and communicate risks effectively to stakeholders.
• Must hold or commit to achieving DV clearance within 12 months of appointment.

Desirable Skills

• Experience in vulnerability management or IAM within a regulated environment.
• Relevant certifications (e.g., GIAC, GCIA, CISSP).

Additional Information

• Open VN
• Number of Vacancies: 1
• Contact/s: Gordon Fletcher

The interviews for this vacancy are expected to take place on 31st March 2026.

ASWs may have the right to apply for internal Sellafield Ltd vacancies. Please note if you are an Agency Supplied Worker you are required to attach evidence of all qualifications obtained to support your application.

We require a minimum of A*-C (9-4) GCSE in English Language, Maths & Science/IT or equivalent / higher qualification.

If you choose to apply for this role and your application is shortlisted by the hiring manager, you will be invited to a competency-based interview. In the interview, you will be assessed against the below competencies:

Behavioural:
1. Commitment to Nuclear Safety and Security – 3.1.1
2. Commitment to Standards – 3.1.5

Technical:
1. Driving and facilitating change – 37.6
2. Using IT at work – 31.3

Please see the link to the competency framework for further information: https://slportal.ssa-intra.net/pub/SC001/00027/Competency%20Framework/Forms/AllItems.aspx

If your technical competency is not in the above framework, please refer to the profession’s SharePoint page for further information.

During the interview, you will also be expected to give a 10-minute presentation on Protecting Critical Nuclear Infrastructure from Evolving Cyber Threats. This presentation should be sent to recruitment@sellafieldcloud.co.uk via email at least two working days before your interview. You should also take four paper copies of your presentation to your interview in case of any IT issues on the day.

Sellafield Ltd are recognised as a Disability Confident Employer (Level 3). Disability Confident employers offer an interview to disabled applicants that meet the minimum criteria for a vacancy. Sellafield Ltd define the minimum criteria as the ‘essential skills’ which are listed on the vacancy notice. Whilst completing your application form, you will be able to indicate if you wish to be considered under the disability confident scheme. If you would prefer to discuss this directly with us, please contact the GBS Recruitment team on recruitment@sellafieldcloud.co.uk.

Please ensure that you save a copy of this advert for future reference if you make an application for this role.

The closing date for this vacancy is Sunday 15th March 2026.

IT Operations Security Lead
Job number: SP06591
Profession: IT Information Services
Location: Sellafield or Risley
Contract type: Internal Recruitment
Posting date: 2 March 2026
Closing date: 15 March 2026
Band: 3B Upper
Work Schedule: Days