At Sellafield Ltd, we are harnessing our expertise; bringing together world-class skills and innovative technology to solve complex nuclear, infrastructure, and engineering challenges. By joining Sellafield Ltd, you join an amazing team of people, from all walks of life, where you can thrive in a connected, considerate culture of innovation, collaboration, and community; and play a significant part in the UK's sustainable nuclear future. The challenges we face are amongst the most complex anywhere in the world. We are using advanced technologies to shape, create and advance the world’s nuclear decommissioning knowledge and capability. That’s why our work is driven by people with a passion for problem-solving and innovation.
The Cyber Risk Team Lead is responsible for managing the organisation’s cyber risk management and reporting activities. Reporting to the Head of Governance, Risk, Compliance and Assurance, this role plays a key part in ensuring that cyber risk is effectively monitored, recorded, and communicated across the organisation. The role ensures alignment with enterprise risk frameworks and supports the identification of trends, gaps, and mitigation progress across the cyber risk landscape. Maintain and operate the cyber risk register, ensuring accurate recording, categorisation, and alignment with risk appetite. Coordinate with system owners and SMEs to validate and update risk entries and mitigation plans. Lead the routine cyber risk review cycle, preparing agendas, materials, and facilitating discussions. Produce high-quality risk summaries, dashboards, and heatmaps for operational and executive audiences. Develop thematic and trend-based risk reports to support strategic decision-making. Ensure timely escalation and de-escalation of cyber risks, with appropriate ownership and documentation. Support integration of cyber risk into enterprise risk and assurance frameworks. Liaise with corporate risk, internal audit, and business continuity teams to ensure alignment and consistency. Contribute to risk governance forums, steering groups, and review boards. Drive continuous improvement of cyber risk methodologies, tools, and reporting processes. Support third-party and supply chain cyber risk assessments, including critical supplier identification and assurance. Collaborate with procurement and commercial teams to embed cyber risk considerations into supplier selection and contracting. Lead a small team of cyber risk professionals. Strong understanding...
At Sellafield Ltd, we are harnessing our expertise; bringing together world-class skills and innovative technology to solve complex nuclear, infrastructure, and engineering challenges. By joining Sellafield Ltd, you join an amazing team of people, from all walks of life, where you can thrive in a connected, considerate culture of innovation, collaboration, and community; and play a significant part in the UK's sustainable nuclear future. The challenges we face are amongst the most complex anywhere in the world. We are using advanced technologies to shape, create and advance the world’s nuclear decommissioning knowledge and capability. That’s why our work is driven by people with a passion for problem-solving and innovation.
We are seeking a Head of GRCA to define and lead the strategic direction of cyber governance, risk management, compliance and assurance across Sellafield Ltd. This is a pivotal leadership role in safeguarding Sellafield Ltd’s digital and operational environments, operating within a highly regulated and complex nuclear sector. The successful candidate will be responsible for developing and embedding governance frameworks, risk strategies, and assurance activities that go beyond regulatory compliance, the role ensures cyber security is integrated into business decision-making and operational delivery. As a senior leader within the business, you will be responsible for shaping Sellafield Ltd’s cyber security posture and ensuring alignment with both organizational priorities and the wider nuclear sector. The Head of GRCA will lead a specialist team and work closely with senior leaders across the Enterprise to ensure cyber risk is effectively managed and communicated. Act as Process Owner for Cyber Security governance, risk, compliance, and assurance across Sellafield Ltd, ensuring frameworks remain effective, integrated, and aligned with enterprise risk strategy. Lead and develop a high-performing GRCA team, fostering a culture of accountability, collaboration, and continuous improvement. Provide strategic leadership on cyber governance and assurance across ICT, shaping policy, risk posture, and compliance strategy in line with business and regulatory priorities. Oversee the development and delivery of 2nd line assurance capabilities, working with 1st and 3rd line teams to maintain confidence in cyber controls and risk management. Drive continuous improvement of cyber security processes, controls, and metrics to enhance resilience,...
Fill in the form that pops out with your email address and desired contact frequency then click the 'Subscribe' button on the form.
You will have the choice to opt out of the alert in the email confirmation.
