Skip to content

Cyber Security and Information Assurance Inspector

About the role

The role of the Cyber Security and Information Assurance Inspector is to ensure that the civil nuclear industry adequately manages risks to systems and information. The role encompasses the regulation of Information Technology, Operational Technology and Sensitive Nuclear Information across the nuclear fuel cycle through enabling, influencing and ensuring the compliance, management and performance of those we regulate. This post requires a certain amount of travel including overnight stays.
To be effective, the candidate will require a breadth and depth of expertise relating to cyber security including technical, personnel and procedural aspects. 

They will:

  • conduct regulatory interventions
  • assess dutyholders' security arrangements
  • investigate cyber security incidents
  • support cyber security exercises
  • contribute to the development of policy
  • maintain currency of regulatory guidance
  • liaise with other regulators, both domestically and internationally, and with various government security and intelligence agencies as appropriate

The candidate may also be required to represent ONR at security events and forums.

Over time, the successful candidate will be offered the opportunity to progress and broaden their cyber security expertise within ONR and/or work closely with other related disciplines such as Protective Security, Emergency Preparedness and Response, Control and Instrumentation and Human Factors. They will also be supported in their development with a comprehensive learning and development programme covering both technical and regulatory training.

Candidates must be able to demonstrate the following qualifications, experience and behaviours:

Experience

To be effective, the candidate will require a breadth and depth of expertise and skills in technical areas (such as cyber defence, detection, response, and recovery); and a firm understanding of personnel/procedural areas (such as leadership and management, culture, and competence) related to information risk management and cyber security. This is likely to include:

  •  Extensive understanding of the principles, processes and challenges of information risk management and its practical application in a nuclear or high-hazard environment;
  • Knowledge of current cyber threats and technical security vulnerabilities;
  • Application of government protective security procedures and making balanced judgements on adequacy;
  • Proficiency at managing security risks in a regulated environment;
  • Leadership in the assessment of cyber security arrangements, including the conduct of audits, assurance activities and/or compliance inspections;
  • Delivery of concise, accurate, high quality written reports to tight deadlines;
  • Proven effective judgement and decision-making skills, including an understanding of strategic impact, gathering, and analysing relevant information, evaluating options, applying logical reasoning, and making effective and proportionate risk-based recommendations;
  • Being open and communicative through the ability to demonstrate highly articulate verbal and written communication skills, including the ability to present complex technical matters to a non-expert audience;
  • Demonstrable strong influencing skills and an ability to persuade by working collaboratively and flexibly with all stakeholders, showing appropriate interpersonal sensitivity, self-awareness, and assertiveness;
  • Evidence of managing projects through sound planning, prioritisation, and timely delivery of work to very high standards;
  • Evidence of effective and professional behaviours throughout delivery of roles and
  • Ability to obtain a national security clearance at SC level or above.

 

How to apply

Please visit our recruitment portal.