Security Governance Analyst

We’re making zero carbon happen

We’re OVO Group, a big family of companies united by a single vision: to get to zero carbon, fast. 

We call this Plan Zero – and it shows how we’ll be fighting the climate crisis and transforming the way people use energy over the next decade. To do this, we need the sharpest minds. Are you up for the challenge?

Do great green things with OVO Energy

So much has changed since we launched in 2009.  Our goal remains the same though: make energy cheaper, greener, and simpler. Just as it was on day one.

Everyone belongs at OVO

Our aim is to build a diverse and inclusive movement: teams of brilliant people, with unique talents, skills, passions, and experiences. 

We encourage everyone to join us, whatever your gender identity, race, ethnicity, sexual orientation, age, life experience, or background. So please come as you are – we can’t wait to meet you.

Where in the world of OVO will I be working?

Our information security governance team leverages both technical knowledge and leadership skills to enable our business and technology teams to move quickly without compromising on security. We aim for clarity through a clear, simple, universally understood security framework and mechanisms for verifying the coverage & effectiveness of controls. And we are a centre of excellence for information security regulations for UK Energy retail. 

What will I be doing?

Key responsibilities include:

• Work with business and technology teams to understand the context for security decision-making.
• Be a security risk and controls lead providing guidance and developing the competence for teams in control implementation and monitoring.
• Develop automation for Governance, Risk and Compliance control monitoring.
• Lead threat and risk discussions and enable teams to balance competing interests.
• Scale security effort by empowering engineering teams with guidance, automated controls monitoring and training.
• Develop a deep understanding of OVO Energy’s organisational structure and develop security competence and security objective clarity in
  technology and business teams. 

Is this the job for me?

We're looking for someone who meets the minimum requirements to be considered for the role. If you meet these requirements, you are encouraged to apply.

Minimum requirements:

• You have low ego and a high degree of empathy
• You have strong communication skills, including developing and evangelising the benefits of thorough engineering practices including
  written technical or procedural documentation
• You have a breadth of applied knowledge either within Information Security (specifically NIST 800-53, cloud security posture management, securing DevOps and policy and standards development) OR DevOps (specifically automating regulatory and policy compliance monitoring, verification and SRE).
• You have an ability to understand risk within a regulated, dynamic, and rapidly growing environment. Moreover, you're able to up-level the ability for your business and technology partners to do the same.
• You have been involved with controls monitoring programmes in “you build it, you run it” technology companies and know how to drive business value from such initiatives.
• You think about information security as both an engineer and business manager, and know how to position engineering risk and control
  improvement as agile initiatives within a faster growing company.
• You have a desire to scale security controls assessment through simple design, automation (e.g. OSCAL) and education. 

Brilliant benefits for a world-changing team

Our people are at the heart of Plan Zero. That’s why we offer plenty of green benefits and progressive policies to make you feel at home.

For starters, you’ll get 34 days of holiday (including bank holidays).

Then there’s Flex Pay. It’s an extra 9% of your salary on top of your core pay to use as you like. You can take it as cash, add to your pension, or choose to spend it on a huge range of flex benefits.

Here’s a taster of what’s on offer:

For your health
With benefits like a healthcare cash plan or private medical insurance depending on your career level, critical illness cover, life assurance, health assessments, and more

For your wellbeing
With gym membership, gadget, travel and cyber insurance, workplace ISA, will writing services, DNA testing, dental insurance, and more

For your lifestyle
With extra holiday buying, discount dining, culture cards, tech loans, and supporting your favourite charities with give-as-you-earn donations

For your home 
Get up to £300 off any OVO Energy plan (when you pay by Direct Debit), plus personal carbon offsetting and great discounts on smart thermostats and EV chargers

For your commute
Nab a great deal on ultra-low emission car leasing, plus our cycle to work scheme and public transport season ticket loans 

Want to hear about our full range of flexible benefits and progressive people policies? Our People Team can tell you everything you need to know.

Oh, and one last thing...

We’d be thrilled if you tick off all our boxes yet we also believe it’s just as important we tick off all of yours. And if you think you have most of what we’re looking for but not every single thing, go ahead and hit apply. We’d still love to hear from you!