SES Energy LLC
Information Security & Data Governance Lead (UK)

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Principal Accountabilities Information Security • Develop, implement, and maintain information and cyber security policies, standards, and procedures • Ensure alignment with recognized frameworks (ISO 27001, NIST CSF, CIS Controls) • Conduct risk assessments across IT, cloud, and Operational Technology (OT) environments • Support incident response planning and continuous improvement of security controls • Embed secure-by-design principles into infrastructure and operational systems Data Governance • Establish and maintain an enterprise data governance framework • Define and enforce data classification, handling, retention, and protection standards • Ensure compliance with international data protection regulations including GDPR, UK Data Protection Act, and applicable US privacy laws • Promote data ownership, stewardship, and accountability across business units • Support data quality, integrity, and lifecycle management Compliance & Regulatory Oversight • Ensure compliance with applicable cybersecurity, data governance, and energy sector regulations • Lead and support internal and external audit activities, including evidence collection and remediation tracking • Maintain enterprise risk registers and compliance reporting • Continuously monitor global cyber and data regulatory changes • Assess impact of regulatory developments and update internal policies, standards, and procedures accordingly • Ensure compliance is maintained across all regions of operation Cybersecurity Awareness & Training • Design and deliver enterprise cybersecurity awareness programmes • Conduct phishing simulations and risk-based awareness campaigns • Tailor training for corporate and operational (OT) environments • Measure effectiveness and drive continuous improvement in user behaviour Governance & Advisory • Act as subject matter expert and advisor on security, governance, and compliance matters • Administer and support third-party/vendor risk management programme • Provide reporting and insights to leadership on security posture, regulatory changes, and risk exposure • Contribute to the continuous improvement of governance, risk, and compliance (GRC) capability • Member of change management board and contributor to change management process Qualifications and Experience Required • Significant experience in information security, cybersecurity GRC, or IT governance roles • Proven experience implementing data governance frameworks • Strong understanding of international data protection and cybersecurity regulations JOB DESCRIPTION • Experience working within regulated environments • Familiarity with ISO 27001, NIST, or equivalent frameworks • Experience supporting audit and compliance processes Desired • Experience in the energy, utilities, or critical infrastructure sector • Exposure to Operational Technology (OT) environments • Professional certifications (e.g., CISSP, CISM, CRISC, CISA, CDMP) • Experience with GRC tools (e.g., ServiceNow GRC, RSA Archer, MetricStream) HSE Responsibilities • Stop work by challenging and stopping unsafe acts and behaviours or unsafe conditions. • Comply with Standard Operating Procedures defined in Responsibilities above, and company STOP WORK system. • Ensure that cybersecurity considerations support safe and reliable operational environments, particularly within OT systems Competencies • Risk & Compliance Expertise: Strong understanding of regulatory and governance frameworks • Analytical Thinking: Ability to assess and mitigate complex risks • Stakeholder Engagement: Ability to influence across technical and business teams • Communication: Clear communication of technical and regulatory requirements • Autonomy: Operates independently with accountability for outcomes • Continuous Improvement: Proactively adapts to changing regulatory and threat landscapes Any Other Information • This is a senior individual contributor role with no direct reports • The role operates across multiple jurisdictions with varying regulatory requirements
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location