Join us, be part of more. 

We’re so much more than an energy company. We’re a family of brands revolutionising how we power the planet. We're energisers. One team of 21,000 colleagues that’s energising a greener, fairer future by creating an energy system that doesn’t rely on fossil fuels, whilst living our powerful commitment to igniting positive change in our communities. Here, you can find more purpose, more passion and more potential. That’s why working here is #MoreThanACareer. We do energy differently – we do it all. We make it, store it, move it, sell it and mend it. 

About your team: 

At Centrica Energy, our mission is to move it. 

We’re energy movers by nature. We’re a global renewable energy trading company which helps move energy from source to use – powering businesses, homes, and societies as they transition to a new sustainable energy future. If the idea of working to create a sustainable energy future also moves you, we may very well be the right place for you.

Shape the future of energy security. This is a unique opportunity to lead the security compliance and assurance strategy for one of Denmark’s most successful energy trading organisations. In this highly visible role, you will define and drive security governance, ensuring resilience and regulatory compliance across IT and OT environments. If you are passionate about safeguarding critical infrastructure, problem solving, delivery focused and influencing senior leadership on risk and compliance, this position offers the platform to make a real impact.

About the Role

As Head of IT Security & Assurance, you will lead the Danish security compliance and assurance program, ensuring full adherence to EU NIS2, Danish Energy Authority requirements, and internationally recognized standards. Acting as the primary interface between security governance and senior business leadership, you will provide assurance on regulatory compliance and risk posture while driving continuous improvement across critical infrastructure.

Your key responsibilities will be to:

• Lead and manage the local information security program and ISMS, aligning with global security objectives and industry best practices.
• Develop and maintain security policies, standards, and procedures tailored to Danish regulatory requirements.
• Own regulatory compliance across EU NIS2 and DEA requirements, serving as the main liaison with national and EU cybersecurity authorities.
• Coordinate audits, inspections, and evidence submissions for regulatory bodies.
• Conduct risk assessments across IT and OT environments, ensuring robust controls and proactive risk management.
• Oversee vulnerability management, secure configuration, and continuous monitoring processes.
• Manage incident detection, response, and recovery, including crisis communication and coordination with authorities.
• Deliver security awareness and training programs for employees, contractors, and third parties.
• Support third-party risk management and supplier security assurance activities.
• Collaborate with Legal, Risk, Audit, and senior leadership to maintain a strong governance framework.

About You

You are an experienced security leader with a proven track record in managing compliance and risk within complex environments. You thrive in high-stakes situations, communicate effectively with regulators and senior stakeholders, and have a deep understanding of critical infrastructure security. Fluency in both Danish and English is essential for success in this role, as you will engage with national authorities, EU regulators, and senior business leaders on a daily basis.

We are looking for someone who has:

• Extensive experience in information security management within energy, utilities, or other critical infrastructure sectors.
• Strong knowledge of EU NIS2 Directive and Danish Energy Authority security requirements.
• Expertise in implementing frameworks such as ISO 27001, NIST CSF, and Cyber Essentials.
• Demonstrated ability to manage cyber risk across IT and OT environments.
• Proven incident response and crisis management capabilities.
• Exceptional communication skills for engaging regulators and senior business leaders.
• Experience working with EU/Danish regulators, auditors, or certification bodies.
• Knowledge of cloud security, identity and access management, and GDPR compliance.
• Bachelor’s degree in Computer Science, Information Security, Engineering, or related field.
• It would be an advantage if you have a Master’s degree, MBA or certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor.

About Centrica Energy

Centrica Energy is a leading energy trading company, powering the transition to a sustainable future. We operate in global energy markets, managing complex trading portfolios and delivering innovative solutions to meet evolving market demands. As an employer, we offer a collaborative, inclusive environment where your ideas drive real impact. Join us and be part of shaping the future of energy.

#LI-CET

Why should you apply?
We’re not a perfect place – but we’re a people place. Our priority is supporting all of the different realities our people face. Life is about so much more than work. We get it. That’s why we’ve designed our total rewards to give you the flexibility to choose what you need, when you need it, making sure that you and your family are supported not only financially, but physically and emotionally too. Visit the link below to discover why we’re a great place to work and what being part of more means for you.
https://www.morethanacareer.energy/centricaenergy

If you're full of energy, fired up about sustainability, and ready to craft not only a better tomorrow, but a better you, then come and find your purpose in a team where your voice matters, your growth is non-negotiable, and your ambitions are our priority. Help us, help you. We would love for you to share any information about yourself throughout our recruitment process so that we can better understand you and help shape your journey.