Job Purpose

To manage and lead the Gas Transmission 2nd line of assurance cyber and technology programme and the requisite benefits identified in line with the agreed delivery timeline to meet Gas Transmission's Cyber Strategy and the External Obligations.

As an Assurance Lead, you will plan and deliver a range of assurance activities (15-20 per year) across the various businesses and operations of Gas Transmissions, harnessing a deep understanding of business strategy, control frameworks and risk appetite to provide independent assurance on the design and effectiveness of processes and controls used mitigate business risk. You will provide recommendations to drive effective and efficient control frameworks and processes, employing best practices to support the business in its focus on continuous improvement.

Key Accountabilities

To assist the Assurance Manager in the development of assurance strategies.
Develop, agree and lead the programme of Tier 2 Assurance activities, working across a Network of Business leads to raise GT's cyber resilience to a level that meets GT's Policy and working with Digital Risk & Security to ensure it aligns us to the required standards outlined in the NIS directive
Collaborate with GT to improve how we operate through undertaking ad-hoc in-depth assurance reviews / investigations of asset management processes / activities.
Manage the Business Improvement Request (BIR) tracker system, recording agreed actions from assurance activities, asset health checks and HSE Inspections, and providing the timely reporting to enable line managers to monitor and progress closure of actions
Review and analyse 2nd line management assurance reports and Cyber Health Checks, to identify trends / common themes, to develop and propose improvement actions.
Lead on the development and execution of key ISO standards e.g. ISO27001, ISO20000
Provide assurance over 1st line managements analysis of the potential benefits of new products, materials, methods & systems.
Develop and deliver a programme of Tier 2 assurance audits that provides GT with feedback on the compliance with standards associated with cyber and security.
Provide controls advice and expertise to GT business managers incl support to embed 1st line assurance for cyber.
Provide SME support to the development of policies and standards
Facilitate implementation of assurance policies and initiatives by business managers
Lead on internal audits for cyber
Represent the team by attending key SHEs working groups such as the Cyber security Group ensuring information is communicated across GT as appropriate.
Contribute to the continual education of colleagues across GT in relation to cyber
Support GT's Cyber Risk Management capability by establishing and delivering training and communication plans

Technical / Specialist Skills and Experience

Membership of, and/or qualification issued by a professional body (Eg, IRCA is desired)
Excellent understanding of ISO (27001, 20000 and other related standards) and its application within GT, including audit and assurance experience with the ability to provide insights and expert guidance as appropriate.
Demonstrable experience in GT's approach to the 3 lines of defence model, business processes and their criticality in an asset management environment.
Solid interpersonal skills with the ability to communicate, influence and challenge across all disciplines and levels within the organisation, and a proven track record in developing effective relationships across the organisation.
Analytical: has a structured approach, someone who can understand complex processes and can extract key information from systems and people.
Self-motivated: is organised and able to work independently as well as being a 'people person' enabling you to work effectively on your own and as part of the wider team.
Adaptable: You'll chair meetings and report your findings to both internal and external stakeholders at various levels so we are looking for someone who can tailor information and style to meet the needs of each group.
You will be the 'go to person' for all things assurance so we are looking for someone who has an eye for detail and a proven background within an audit/business assurance role.
Good programme assurance experience, with proven track record for delivering assurance and/or audits within multinational utility/asset management companies or operations/functional experience from utility/assessment management companies.
Good knowledge and understanding of project methodologies, assurance delivery and practices, internal control frameworks and risk management activities. Skills in applying internal auditing principles and practices
Demonstrable track record of developing successful, long lasting, relationships across the business including: ability to engage, challenge and influence senior managers, deal effectively with resistance to proposals and secure their buy-in and support.
Highly competent in Microsoft Office (e.g. Project, PowerPoint, Excel, and Word)

Qualifications

Degree standard or equivalent experience
Full Driving LicenceEssential:

Audit qualification (preferably in ISO27001 / 20000 or equivalent)
Travel to GT Sites required

Desirable:

Membership of, and/or qualification issued by a professional body (Eg, IRCA is desired)

Internal:

All functions - Assessment of adherence to policies and controls through 2nd line assurance activities. Assessment of suitability and adherence to Cyber and Technology management systems including the policy suite and over-arching management frameworks through 2nd line assurance activities.
Security - Advice and counsel regarding interpretation of legislative requirements, standards and wider governmental advice.

External:

Auditors (LRQA) - manage and influence the relationship to cover key requirements
Standards bodies - Develop and manage the relationship and influence legislative change
Industry bodies and forums - Develop and manage the relationship and share learning

Leadership Qualities & Business Capabilities

Business Capabilities
Performance Excellence
Stakeholder Engagement
Project Management
Commerciality
Customer
Data Management
Asset Management

Or check similar jobs