Our IT ambition is to be recognized for ‘Transforming National Grid into the leader of the digital energy future’.
Market innovation will drive the digital utility.
We plan to enhance our IT offerings, mature the way we interact with our business partners, and transform the culture of our teams.
Culturally, we will be placing a stronger emphasis on designing systems around the end user. We are establishing an operating model based on accountability and empowering our workforce to share ideas and drive continuous improvement. There will be clear career options within the company, both management and technical. We are focusing on enhancing and investing in both leadership capability and developing necessary technical expertise.
What makes you a successful Information Technology team player at National Grid?
Check out the top traits we’re looking for and see if you have the right mix.
- Results Driven
Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry.
To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business.
To support, advise, challenge and monitor (through metrics and assessments) the National Grid IT Delivery Centers (DCs) in the way that risks are managed, controls are implemented, and findings are addressed.
To take the lead in improving processes and coaching more junior members of the team and reviewing their work.
This is a 2nd line of defence role within the 3 Lines of Defence model for Risk Management.
• To provide ongoing support, advice and challenge for the 1st line of defense. Build knowledge of, establish and maintain good working relationships with, assigned DC(s).
• To be an SME on specific risks and related controls by providing such advice and support.
• To work with the IT DCs and other Technology Risk and Security teams to evolve our risk universe and control framework to address identified weaknesses and emerging threats.
• To assess the effectiveness of controls through the creation of KPIs/KRIs, analysis of metric data and by conducting assessments.
• To ensure risks are accurately articulated and appropriate business and IT approval is sought where risks are being accepted or exceptions are being granted.
• Work with the 1st line of defense to identify risk event root causes and remediation plans.
• To manage risks, controls and findings within the Archer eGRC tool.
• To act as a role model for and coach more junior members of the team.
• To review work done by other members of the team as part of defined QA processes.
Knowledge and Capabilities:
• At least 5 years of experience in managing information systems or information/cyber security risk according to an industry standard approach.
• Knowledge of the 3 Lines of Defense model for Risk Management.
• Able to demonstrate a high degree of credibility and influence senior stakeholders within the Organisation.
• Ability to communicate effectively both orally and in writing.
• Excellent knowledge of information/cyber security and related principles.
• Thorough knowledge of IT and information/cyber security controls.
• Self-motivated, able to deliver with minimal supervision, and always aware of the “bigger picture”.
• Experience of relevant standards, frameworks and regulations including some of: NIS Directive, GDPR, NERC CIP, Sarbanes Oxley, PCI, NIST Cyber Security Framework, HIPAA, UK Directive 105, US Data Privacy related laws, CFATS, CCPA, MAS 201, RIITPA, NIST 800-53, COBIT 5.
• Experience in the Critical National Infrastructure (CNI) and utility industry preferred.
- CRISC Certified
- Educated to degree level in math, science or computers
- 1-5 Years Risk Management experience, Information Security and Compliance
- Ability to interface effectively with other Security and Technology Risk Teams, Information Technology Leadership Team (ITLT), Control Owners, Control Operators, Enterprise Risk Management, National Grid Business Units
- Information Systems Certifications such as CISSP, CISM or CEH, preferred
- CISSP Certification, preferred
- Working knowledge of Archer, preferred
- Business skills such as Commerciality, Project Management, Stakeholder Engagement, Customer Focused, Performance Excellence and Data Management are desirable
This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.
We support developing the skills and capabilities of young people in the science, technology, engineering and mathematics (STEM) subjects. It supports our future talent recruitment and our desire to see young people gain meaningful employment.
Learn more about our Student Programs
News, debate and analysis on the US energy industry
U.S. Connecting is our thought-leadership site providing news, debate and analysis for internal and external audiences.