Cyber Governance Lead

Cyber Governance Lead Location: Glasgow – hybrid working (2-3 days in the office) Salary: £57-72K (plus up to 15% bonus and private healthcare cover) Permanent, Full Time Help us create a better future, quicker ScottishPower is seeking an experienced Cyber Governance professional to take a leading role in shaping how cyber risk is understood, managed, and governed across the organisation. This position sits at the heart of our second line of defence, ensuring the business is supported in meeting its risk and compliance obligations while maintaining a clear and consistent view of cyber security performance. What you’ll be doing In this role, you will define, implement, and continually enhance our Cyber Governance Model, ensuring that key risks and compliance requirements are accurately reported to the relevant governance forums and committees. You will lead the development and maintenance of our cyber security policies, frameworks, rules, and methodologies, working closely with colleagues across the business to ensure they are effectively understood and adopted.   Acting as a trusted expert, you will play a pivotal part in shaping our Cyber Security Strategy by translating complex risk information into insights that influence decision‑making at the highest levels. You will take ownership of key governance processes, from crafting UK Cyber Governance Committee papers to coordinating actions, overseeing rule exceptions, and establishing robust GRC data governance. Success in this role will require strong collaboration across both local and international teams, including working closely with global colleagues within the Iberdrola Group. You will support the wider Cyber Security function by embedding strong risk management principles, contributing to global standards and procedures, and helping deliver strategic security initiatives across the business. What you’ll bring The role involves planning and coordinating long-term activities, from supporting our Cyber Security Transformation Programme to managing delivery plans, audit schedules, and remediation programmes. It also requires effective engagement with internal and external partners, including auditors, regulatory bodies, industry groups, and global security teams.   We’re looking for someone with deep knowledge of cyber security risk and governance, and relevant industry qualifications such as CISSP, CISM, or GICSP are considered favorable but not strictly required. You’ll bring experience gained in an organisation of comparable scale, ideally with exposure to global security operations, and you’ll be comfortable communicating complex technical issues in a way that resonates with senior stakeholders. Strong leadership, strategic thinking, and the ability to navigate change with confidence are essential, as is an ability to build trusted relationships across diverse teams and cultures.   If you’re ready to bring expertise, strategic insight, and leadership to a highly influential role, we’d love to hear from you. What’s in it for you As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%.  At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that -  so that you have everything you need to take care of your world – today and tomorrow. That’s why our benefits include: 36 days annual leave Holiday purchase – perfect your work/life balance with extra annual leave Share Incentive Plan and Sharesave Scheme Payroll giving and charity matched funding Technology Vouchers – save more and spread the cost of your technology purposes Count us in – pledge to reduce carbon emissions and help fight climate change Electric Vehicle Schemes – to help you transition to green/clean driving Cycle to Work scheme and public transport season ticket loans Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments Life Assurance (4x salary) Access to ‘nudge’ financial wellbeing support Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more Why ScottishPower ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation. Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in. ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to careers@scottishpower.com. Mobility Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements. IMPORTANT  Advert will close at 23:59 GMT the day before Job Posting End Date below April-4-2026