Role OVO-View

Location: Bristol, London, Glasgow or Remote! (You have the flexibility to work wherever suits you best)Team: Information SecuritySalary banding: £71,240 - £111,130Experience: ExpertWorking pattern:Full-TimeReporting to: Head of Information SecuritySponsorship: Unfortunately we are unable to offer sponsorship for this role.This role in 3 words: Creator, Challenger, CoachTop 3 qualities for this role: Problem-solver, Curious, Collaborative

In the words of the team, you should leave your current role for this one because….

“You'll manage the team that drives and enables security by default and design across OVOTech. This includes selecting and implementing coaching, workflows and tooling to model threats, identify security risks and embed and document verification of build and runtime security. The solutions that security engineering build and operate power the reduction of downside risk thereby enhancing the opportunities for technology to enable Plan Zero.”  

Everyone belongs at OVO

At OVO, we are on a mission to solve one of humanity's biggest challenges, the climate crisis. And we know it takes all of us to change the world. That's why we need diverse people from all abilities, gender identities, ethnicities, ages, sexual orientations, life experiences and backgrounds to join us.

Teamworking for the planet

Everything we do here spins around Plan Zero. So, naturally, the team you’ll be joining plays a gigantic role in making that happen. Here’s how:

We’re hiring creators, challengers and coaches. Every role we’re hiring puts people at the heart of our information security strategy and uses technology and operational processes to build a resilient and performant business. The Path to Zero is paved with well-informed risk and reward decisions!

This role in a nutshell:

The security engineering team collaborates with OVO’s Engineering teams to secure the design and configuration of OVO applications, infrastructure and secure access to OVO’s resources. As a Senior Security Engineering Manager you'll pioneer an innovative and inclusive culture, inspire with compelling security stories and land messages with clarity to  engage those who the team work with, both within and outside the Enterprise Security and Platforms team.

You'll personally excel at implementing reliable tools to prevent, mitigate or automatically remediate mis-configurations and vulnerabilities and extending operational excellence across all OVO-built and accessed applications and infrastructure. Crucially you'll serve and care for the people in security engineering creating an inclusive culture so all of our people feel they truly belong, are heard, and are open and encouraged to contribute to OVO’s security mission.  

Your key outcomes will be:

• Lead the strategic design of mechanisms to incentivise and enable the security of OVO’s data, applications, infrastructure and access. 
• Collaboration with engineering teams and system administrators to develop and configure comprehensive security measures that align with OVO's goals and objectives. 
• Provide OVOTech with a range of centrally operated security mechanisms and services, including web application firewalls, cloud and application security platforms, threat and risk assessments and penetration testing.
• Implementing secure coding practices to prevent common vulnerabilities in software development.
• Provide the cyber defense team with support during and post incidents to contain the damage, mitigate the impact, and facilitate the recovery of affected systems and data. 
• Lead the analysis of vulnerabilities, misconfigurations, near-misses and incidents to enhance future security issue and incident handling and improve overall security posture. This includes identifying lessons learned, implementing necessary changes to security controls and procedures, and supporting the training and awareness programme to educate employees on security best practices.
• Lead and develop a highly motivated and respected team which actively participates in community events, engages in continuous learning, and collaborates with other security professionals to stay updated on emerging threats and effective security strategies.

Systems. Familiarity with the following technologies and platforms would be advantageous (not a must have or exhaustive list):

• Cloud Native Application Protection and Cloud Security Posture Management (e.g. Wiz)
• GCP, AWS and Azure native security and compliance monitoring
• CI/CD product development pipelines and automation
• SaaS discovery, event monitoring and security posture management
• Identity and Access Management and Privileged Access Management platforms
• Application Security Verification Standard and related technologies
• Web Application Firewall and Zero Trust Solutions (e.g. Cloudflare, BeyondCorps)
• Security Information and Event Management (SIEM) and Security Orchestration and Automated Response (SOAR)
• Endpoint, Cloud and Identity Detection and Response
• Issue and Project Tracking (Jira)
• Cyber Asset and Attack Surface Management
• Infrastructure Vulnerability Scanning

You’ll be a successful Senior Security Engineering Manager at OVO if you…

• Are a coach: you lead your engineering community and provide practical support and approaches to integrate security with OVOTech and business processes. You inspire others to develop simpler more automated approaches to embedding security by default and design. 
• Are a challenger: you embrace failure and do not shy away from difficult conversations in order to drive security, product and engineering alignment. You are a champion for maximising the use of data and technology to enhance productivity and effective outcomes of security work.
• Are a creator: you are a hands-on engineer who understands the value of rotating between solving engineering problems and stepping back to view a longer time horizon. Switching between roadmap and sprint is something you control rather than are controlled by. 

Let’s talk about what’s in it for you

We’ll pay you between £71,240 - £111,130, depending on your specific skills and experience. If your expectations are a little different, have a chat with us!

We keep our pay ranges broad on purpose to give us, and you, flexibility to match your experience to our zero carbon mission.

You’ll be eligible for an on-target bonus of 15%. We have one OVO bonus plan that focuses on the collective performance of our people to deliver our Plan Zero goal. 

We also offer plenty of green benefits and progressive policies to help you feel like you belong at OVO…and there’s flex pay.  It’s an extra 9% of your salary on top of your core pay to use as you like. You can take it as cash, add to your pension, or choose to spend it on a huge range of flex benefits. Here’s a taster of what’s on offer: 

For starters, you’ll get 34 days of holiday (including bank holidays). For your healthWith benefits like a healthcare cash plan or private medical insurance depending on your career level, critical illness cover, life assurance, health assessments, and moreFor your wellbeingWith gym membership, gadget, travel and cyber insurance, workplace ISA, will writing services, DNA testing, dental insurance, and more For your lifestyle With extra holiday buying, discount dining, culture cards, tech loans, and supporting your favourite charities with give-as-you-earn donationsFor your home  Get up to £300 off any OVO Energy plan (when you pay by Direct Debit), plus personal carbon offsetting and great discounts on smart thermostats and EV chargersFor your commute Nab a great deal on ultra-low emission car leasing, plus our cycle to work scheme and public transport season ticket loans Want to hear about our full range of flexible benefits and progressive people policies? Our People Team can tell you everything you need to know.

For your Belonging

To find better ways to support our people, we need to listen to each other’s experiences and find ways to build a truly inclusive and diverse workplace. As part of this, we have 8 Belonging Networks at OVO. Led by our people, for our people - so when you join OVO, you can play a part - big or small - with any of the Networks. It's up to you.

Oh, and one last thing...

We’d be thrilled if you tick off all our boxes, yet we also believe it’s just as important we tick off all of yours. And if you think you have most of what we’re looking for but not every single thing, go ahead and hit apply. We’d still love to hear from you!

If you have any additional requirements, there’s a space to let us know on the application form; we want to make the process as easy and comfortable for you as possible..