National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Lead Cyber Security Engineer

ScottishPower
Glasgow
2 weeks ago
Create job alert

3 days ago Be among the first 25 applicants

ScottishPower HQ, Glasgow – hybrid working

Salary:£61-77K (plus up to 15% bonus and single healthcare cover).

Permanent, Full Time

Help us create a better future, quicker

Joining ScottishPower within our Customer Business, you’ll be responsible for delivering all technical aspects of the Retail Business Cyber Assurance workstream.

You’ll lead on all technical deliveries, vulnerability management and mitigating control delivery which feeds into the Cyber Assurance Strategy. You’ll focus on our UK Operations Energy Customer applications, and drive assurance activities interfacing with senior management.

What You’ll Be Doing

This personplays a key role in driving a programme of security improvements to help deliver a secure-by-design system landscape. In this role you will be responsible for driving significant system and process changes to our application portfolio to support these improvements, which span across multiple technologies and 3rd party vendors. We are looking for IT professionals with strong technical and leadership skills to join our growing technology focused team.

Responsibilities include but are not limited to –

  • Help to develop and define security standards and best practice
  • Report on key risk indicators and introduce mitigation plans where required
  • Work with the Cyber Security Workstream Lead to define the roadmap to implement and maintain a secure architecture.
  • Manage the adherence to security architecture standards and best practice
  • Have a good understanding of the full technical stack, including security controls as well as their effectiveness
  • Setup and maintain security logging, monitoring, metrics & reporting systems for fine-grained security observability of Digital environment and actionable alerting
  • Implement automated security testing of Digital applications (e.g. DAST, SAST, IAST, RASP)
  • Collaborate with product and engineering teams to integrate security best practices into Digital applicationsCollaborate with product and engineering teams to integrate security best practices into Digital applications
  • Conduct regular security checks and audits and provide recommendations for continuous improvement.
  • Act as a cyber security professional, providing advice and guidance to other team members and the wider business
  • Plan and implement solutions for backup and recovery, high availability, secrets & key management, and other strategic initiatives
  • Work closely with relevant technical teams to ensure vulnerabilities are identified and remediated (e.g. automated scanning, pen tests, patching etc.), and cultivate a strong security culture across the organisation
  • Participate in all audit activities to ensure compliance with internal standards as well as supporting external audit compliance with relevant standards e.g. ISO27001

What You’ll Bring

  • The successful applicant for this role may be required to undergo and obtain a positive outcome from pre-employment screening in accordance with the requirements of British Standard BS7858.

The post holder will be degree educated, with significant experience of contributing to the IT security strategy of an organisation of similar size and scale to ScottishPower, and preferably hold relevant industry qualifications (e.g., CISSP, CISM and ISO27001).

You’ll Have Proven Experience And Knowledge Of

  • Security Risk Management including the development, recommendation, and delivery of remediation plans
  • Assessing and creating technical designs across multiple IT/Digital disciplines and defining appropriate controls
  • Deliver a penetration testing and control assurance testing programme, mitigation plans where existing controls are deemed not fit for purpose
  • Specialist knowledge of security tools and their successful implementation
  • Security best practice and understanding of vulnerability and risk management in an environment of mature security posture
  • Good understanding of the full technical stack, enabling you to work effectively with different teams including architecture, networking, security, operations, cloud, UNIX, DBAs and application developers (front end / back end)

What’s In It For You

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%.

Benefits

At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that - so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include:

  • 36 days annual leave
  • Holiday purchase – perfect your work/life balance with extra annual leave
  • Share Incentive Plan and Sharesave Scheme
  • Payroll giving and charity matched funding
  • Technology Vouchers – save more and spread the cost of your technology purchases
  • Count us in – pledge to reduce carbon emissions and help fight climate change
  • Electric Vehicle Schemes – to help you transition to green/clean driving
  • Cycle to Work scheme and public transport season ticket loans
  • Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments
  • Life Assurance (4x salary)
  • Access to ‘nudge’ financial wellbeing support
  • Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why ScottishPower

ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in.

ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to .

Mobility

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.

IMPORTANT

Advert will close at 23:59 GMT the day beforeJob Posting End Datebelow

July-10-2025Seniority level

  • Seniority levelMid-Senior level

Employment type

  • Employment typeFull-time

Job function

  • Job functionInformation Technology
  • IndustriesUtilities

Referrals increase your chances of interviewing at ScottishPower by 2x

Get notified about new Cyber Security Engineer jobs inGlasgow, Scotland, United Kingdom.

Glasgow, Scotland, United Kingdom 1 week ago

Glasgow, Scotland, United Kingdom 1 day ago

Glasgow, Scotland, United Kingdom 2 days ago

Glasgow, Scotland, United Kingdom 1 month ago

Bellshill, Scotland, United Kingdom 2 weeks ago

Glasgow, Scotland, United Kingdom 1 week ago

Cyber Security Project Manager | Hybrid (2 Days onsite - Glasgow) | £300-£350 p/d (Inside IR35)

Glasgow, Scotland, United Kingdom 2 weeks ago

Stirling, Scotland, United Kingdom 5 days ago

Fire & Security - Service Engineer - Hybrid

Stirling, Scotland, United Kingdom 1 week ago

Cyber Security Project Manager (Change and Transformation)

Glasgow, Scotland, United Kingdom 1 day ago

Glasgow, Scotland, United Kingdom 3 months ago

Erskine, Scotland, United Kingdom 3 months ago

Linux Cryptography and Security Engineer

Glasgow, Scotland, United Kingdom 3 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.


#J-18808-Ljbffr

Related Jobs

View all jobs

Lead Cyber Security Engineer

Lead Cyber Security Engineer

Lead Cyber Security Engineer

Lead Cyber Security Engineer

Senior Lead, Cyber Security Engineer - (Encryption and O365 Security)

Senior Lead, Cyber Security Engineer - (Encryption and O365 Security) | London, UK

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs Careers

Cyber Security Jobs Skills Radar 2026: Emerging Frameworks, Tools & Certifications to Learn Now

Cyber threats are evolving—and so must the people defending against them. As ransomware, AI-enhanced phishing, and supply chain attacks grow more advanced, UK employers are urgently hiring cyber security professionals with the right mix of strategic and hands-on skills. Welcome to the Cyber Security Jobs Skills Radar 2026, your go-to guide for the most in-demand tools, frameworks, certifications, and technologies shaping the UK's cyber workforce. Whether you're a SOC analyst, penetration tester, or cloud security architect, this annual radar is designed to help you stay ahead of the market.

Jobs

How to Find Hidden Cyber Security Jobs in the UK Using Professional Bodies like BCS, CIISec & More

The demand for skilled cyber security professionals in the UK has never been higher. With threats increasing in sophistication and frequency, organisations are urgently hiring ethical hackers, threat analysts, GRC specialists, and security architects. But many of the most valuable roles—particularly in government, defence, and critical infrastructure—are never publicly advertised. Instead, these jobs are shared behind the scenes through trusted networks, private communities, and professional bodies. In this article, we explore how to uncover hidden cyber security jobs in the UK using organisations like the BCS (The Chartered Institute for IT), CIISec (The Chartered Institute of Information Security), ISACA, and ISC² UK Chapter. We’ll show you how to use membership directories, special interest groups, CPD events and informal networks to gain early access to roles most people never see.

Jobs

How to Get a Better Cyber Security Job After a Lay-Off or Redundancy

Redundancy is never easy—especially in a fast-moving field like cyber security, where your skills and experience are constantly evolving. But if you’ve recently been made redundant from a cyber security role, know this: the UK cyber workforce remains in high demand, and your expertise is more valuable than ever. Whether you’re a SOC analyst, penetration tester, incident responder, security architect or GRC specialist, there are still thousands of opportunities across sectors including finance, defence, government, retail, and critical infrastructure. This guide will help you turn redundancy into a career relaunch, with a clear action plan tailored to the UK cyber security job market.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.