Head of Cyber Defence

OVO Energy

Full Time

3 months ago

Apply now

Role OVO-View

Location: Hub based! Bristol, London or Glasgow

But you have the flexibility to work wherever suits you best

Team: Enterprise Security and Platforms

Salary banding: £104,750 - £126,270

Experience: Expert

Working pattern:Full-Time

Reporting to: Simon Goldsmith, Director of Enterprise Security & Platforms

Sponsorship: Unfortunately we are unable to offer sponsorship for this role.

This role in 3 words: Industrialising, Resilient, Performance

Top 3 qualities for this role: Thorough, Collegiate, Creative

In the words of the team, you should leave your current role for this one because….

“You will lead the teams that build and operate OVO’s capabilities to detect, respond to, learn from and anticipate cyber attacks. This includes setting up a new attack surface management team to continuously monitor OVO’s attack surface, administer our identity platform and oversee the response arising from misconfigurations and vulnerabilities. The solutions that cyber defence build and operate power the identification and reduction of downside risk and increase the chances for technology to enable Plan Zero.”

Everyone belongs at OVO

At OVO, we are on a mission to solve one of humanity's biggest challenges, the climate crisis. And we know it takes all of us to change the world. That's why we need diverse people from all abilities, gender identities, ethnicities, ages, sexual orientations, life experiences and backgrounds to join us.

Teamworking for the planet

Everything we do here spins around Plan Zero. So, naturally, the team you’ll be joining plays a gigantic role in making that happen. Here’s how:

We’re hiring creators, challengers and coaches. Every role we’re hiring puts people at the heart of our information security strategy and uses technology and operational processes to build a resilient and performant business. The Path to Zero is paved with well-informed risk and reward decisions!

This role in a nutshell:

You will lead the team responsible for preparing for, detecting, learning from and anticipating security incidents that threaten OVO’s mission and customers. You will lead the team that collaborates with our security service providers and internal technology and business teams to build and verify asset and threat tactic, technique and procedure detection coverage, manage our identity attack surface and automate workflows to identify and respond to attacks and misconfigurations rapidly and accurately.

Your key outcomes will be:

Engage: tell compelling stories and land messages with clarity to inspire and engage those who we work with, both within and outside Enterprise Security & Platforms.
Pioneer: scan the horizon, innovate, and challenge ourselves and others to stay ahead of the threat and risk landscape.
Drive: fix ill-defined problems, lead our people and the business through unpredictable events, learn from those events and anticipate opportunities and threats so that we deliver on our security risk reduction goals.
Strategise: understand the threat and business context in which OVO operates and how the data, systems and processes fit together. Use critical thinking and rigorous decision-making to protect the future health of our business and safeguard our customers..
Connect: serve and care for our people. Create an inclusive culture so all of our people feel they truly belong, are heard, and can be themselves. Develop people – coach them, advance their potential, and encourage them to contribute.

Systems Familiarity aligning teams on the following technologies and platforms would be advantageous:

GRC platforms (e.g. Hyperproof)
Third Party Risk and Contract Management (e.g. Prevalent)
Cloud Native Application Protection and Cloud Security Posture Management (e.g. Wiz)
GCP, AWS and Azure native security and compliance monitoring
CI/CD product development pipelines and automation
SaaS discovery, event monitoring and security posture management
Identity and Access Management and Privileged Access Management platforms
Application Security Verification Standard and related technologies
Web Application Firewall and Zero Trust Solutions (e.g. Cloudflare, BeyondCorps)
Security Information and Event Management (SIEM) and Security Orchestration and Automated Response (SOAR)
Endpoint, Cloud and Identity Detection and Response
Issue and Project Tracking (Jira)
Cyber Asset and Attack Surface Management
Infrastructure Vulnerability Scanning

You’ll be a successful Head of Cyber Defence at OVO if you…

Are a coach: you have a passion for innovating new approaches to cyber security as well as industrialising proven methods and are able to inspire change across leadership and engineering teams.
Are a challenger: you embrace failure and use insights from OVO and external intelligence to drive security risk prevention and response alignment. You are a champion for confronting fear, uncertainty and doubt with transparency, data and clear-thinking on incident and risk management priorities.
Are a creator: you get energy from the unknown and are able to trust your judgement when you don’t have all the information. You are able to bring cross-functional groups of people together to solve big, chunky problems.

Let’s talk about what’s in it for you

We’ll pay you between £104,750 and £126,270 depending on your specific skills and experience. If your expectations are a little different, have a chat with us!

We keep our pay ranges broad on purpose to give us, and you, flexibility to match your experience to our zero carbon mission.

You’ll be eligible for an on-target bonus of 15%. We have one OVO bonus plan that focuses on the collective performance of our people to deliver our Plan Zero goal.

We also offer plenty of green benefits and progressive policies to help you feel like you belong at OVO…and there’s flex pay. It’s an extra 9% of your salary on top of your core pay to use as you like. You can take it as cash, add to your pension, or choose to spend it on a huge range of flex benefits. Here’s a taster of what’s on offer:

For starters, you’ll get 34 days of holiday (including bank holidays). For your healthWith benefits like a healthcare cash plan or private medical insurance depending on your career level, critical illness cover, life assurance, health assessments, and moreFor your wellbeingWith gym membership, gadget, travel and cyber insurance, workplace ISA, will writing services, DNA testing, dental insurance, and more For your lifestyle With extra holiday buying, discount dining, culture cards, tech loans, and supporting your favourite charities with give-as-you-earn donationsFor your home Get up to £300 off any OVO Energy plan (when you pay by Direct Debit), plus personal carbon offsetting and great discounts on smart thermostats and EV chargersFor your commute Nab a great deal on ultra-low emission car leasing, plus our cycle to work scheme and public transport season ticket loans Want to hear about our full range of flexible benefits and progressive people policies? Our People Team can tell you everything you need to know.

For your Belonging

To find better ways to support our people, we need to listen to each other’s experiences and find ways to build a truly inclusive and diverse workplace. As part of this, we have 8 Belonging Networks at OVO. Led by our people, for our people - so when you join OVO, you can play a part - big or small - with any of the Networks. It's up to you.

Oh, and one last thing...

We’d be thrilled if you tick off all our boxes yet we also believe it’s just as important we tick off all of yours. And if you think you have most of what we’re looking for but not every single thing, go ahead and hit apply. We’d still love to hear from you! If you have any additional requirements, there’s a space to let us know on the application form; we want to make the process as easy and comfortable for you as possible..