Application Cybersecurity Lead at Avangrid in Glasgow, Scotland, United Kingdom | Kablio

Role

Description

app security

vulnerability management

security assessment

secure development

cyber governance

security training

The primary responsibility is to implement and evolve the application security model, ensuring that security standards and best practices are fully integrated into the Software Development Lifecycle. This includes leading vulnerability management activities such as inventorying logical components, proactively discovering vulnerabilities, coordinating scanning and penetration testing, assessing findings, driving remediation, and producing comprehensive reports.

The Lead will also conduct security assessments of commercial software packages and act as the subject‑matter expert for Secure Software Development Standards, methods, and tools. They will work with global teams to align with Iberdrola‑defined standards, take accountability for governance and adoption within ScottishPower, and deliver education, training, and awareness programmes to embed these standards.

Implement and evolve the Global Application Security Model across all ScottishPower businesses.
Lead vulnerability management: inventory, discovery, scanning, assessment, remediation, and reporting.
Conduct security assessments of commercial software packages.
Own and champion Secure Software Development Standards, methods, and tools.
Govern, oversee, and ensure adoption of cybersecurity standards within ScottishPower.
Deliver education, training, and awareness programmes on security standards.
Collaborate with global teams to align with Iberdrola‑defined security standards.
Apply stakeholder management across multiple projects and teams.

Requirements

secure sdlc

threat modelling

web security

vuln discovery

api gateways

security clearance

The Application Cybersecurity Lead will be based at ScottishPower HQ in Glasgow, with flexible and hybrid working options. The role requires the successful candidate to obtain UK Government Security Clearance and will work within the Digital Transformation team to roll out the Global Application Security Model across all ScottishPower businesses.

Ideal candidates possess detailed knowledge of the Secure Software Development Life Cycle (S‑SDLC), a solid understanding of cybersecurity threats, attack techniques, and threat modeling, as well as expertise in web application security and vulnerability discovery methods. Additional required knowledge includes application security architecture components such as segmentation, API gateways, encryption, privileged account management, and WAF, together with strong stakeholder‑management skills across multiple projects.

Demonstrate deep understanding of the Secure Software Development Life Cycle (S‑SDLC).
Expertise in cybersecurity threats, attack techniques, and threat modelling.
Proficiency in web application security and vulnerability discovery techniques.
Knowledge of application security architecture (segmentation, API gateways, encryption, PAM, WAF, etc.).

Benefits

ScottishPower offers a competitive salary reviewed annually, a double‑matched pension contribution up to 10 %, 36 days of annual leave, holiday purchase, share incentive and Sharesave schemes, technology vouchers, electric vehicle schemes, and a range of personal insurance and health options. Additional benefits include financial wellbeing support, discounts on shopping, leisure, travel, and more, all aimed at supporting employees’ families, wellbeing, and climate‑action goals.

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

company will support required immigration requirements for non‑citizens.

Security clearance

must obtain uk government security clearance.

Company

Overview

47 Billion

Assets Under Management

Total value of company assets across all operations.

3.3M+ Customers

Electric & Gas Users

Over 3.3 million customers served across New York and New England.

10.0 GW

Power Generation Capacity

Combined electricity output from owned and operated facilities.

Born in 2015 from a merger with UIL Holdings, creating a national powerhouse from regional utilities.
Headquartered in Orange, Connecticut, with operations in 24 U.S. states.
Its utilities arm manages eight electric and natural gas systems.
Projects include onshore wind, solar, biomass, thermal plants, and grid upgrades.
Fully acquired by Iberdrola in late 2024, enhancing investment potential.
Key ventures include the nation's largest offshore wind project and the Maine Power upgrade.
Combines local legacy with large-scale clean energy ambition.

Culture + Values

Sustainable: We seek to be a model of inspiration for creating economic, social and environmental value in our communities and we act positively to affect local development, generate employment, and give back to the community.
Agile: We act efficiently and with passion to drive innovation and continuous improvement at both the local and global level.
Collaborative: We work together toward a common purpose and mutual benefit while valuing each other and our differences.

Environment + Sustainability

By 2030

Carbon Neutrality Target

The company aims to achieve carbon neutrality for Scopes 1 and 2.

9.3 GW

Emissions-Free Capacity

Installed capacity in wind and solar energy.

10 GW

Energy Goal

Target to generate 10 GW of emissions-free energy capacity by 2025.

70%

Emissions Reduction Goal

Aim to reduce emissions intensity by 70% by 2030 compared to 2015 levels.

One of the country’s cleanest utilities.
Compliance Leader Verification certification by Ethisphere Institute for third consecutive term.

Inclusion & Diversity

2024

Forbes Recognition

Recognized as one of Forbes America’s Best Employers for Diversity in the 2024 ranking.

300M Spend

Supplier Diversity Goal

Aim to increase spend with certified diverse suppliers to $300 million by 2025, up from $195 million in 2022.

DEI strategy focus areas: increasing diverse representation (especially in leadership), promoting equitable growth opportunities, establishing pathways for community and connection.

Articles

Careers at Avangrid

Sustainability

Innovation and Technology

Projects

Role

Description

app security

vulnerability management

security assessment

secure development

cyber governance

security training

Implement and evolve the Global Application Security Model across all ScottishPower businesses.
Lead vulnerability management: inventory, discovery, scanning, assessment, remediation, and reporting.
Conduct security assessments of commercial software packages.
Own and champion Secure Software Development Standards, methods, and tools.
Govern, oversee, and ensure adoption of cybersecurity standards within ScottishPower.
Deliver education, training, and awareness programmes on security standards.
Collaborate with global teams to align with Iberdrola‑defined security standards.
Apply stakeholder management across multiple projects and teams.

Requirements

secure sdlc

threat modelling

web security

vuln discovery

api gateways

security clearance

Demonstrate deep understanding of the Secure Software Development Life Cycle (S‑SDLC).
Expertise in cybersecurity threats, attack techniques, and threat modelling.
Proficiency in web application security and vulnerability discovery techniques.
Knowledge of application security architecture (segmentation, API gateways, encryption, PAM, WAF, etc.).

Benefits

Training + Development

Information not given or found

Interview process

Information not given or found

Visa Sponsorship

company will support required immigration requirements for non‑citizens.

Security clearance

must obtain uk government security clearance.

Company

Overview

47 Billion

Assets Under Management

Total value of company assets across all operations.

3.3M+ Customers

Electric & Gas Users

Over 3.3 million customers served across New York and New England.

10.0 GW

Power Generation Capacity

Combined electricity output from owned and operated facilities.

Born in 2015 from a merger with UIL Holdings, creating a national powerhouse from regional utilities.
Headquartered in Orange, Connecticut, with operations in 24 U.S. states.
Its utilities arm manages eight electric and natural gas systems.
Projects include onshore wind, solar, biomass, thermal plants, and grid upgrades.
Fully acquired by Iberdrola in late 2024, enhancing investment potential.
Key ventures include the nation's largest offshore wind project and the Maine Power upgrade.
Combines local legacy with large-scale clean energy ambition.

Culture + Values

Sustainable: We seek to be a model of inspiration for creating economic, social and environmental value in our communities and we act positively to affect local development, generate employment, and give back to the community.
Agile: We act efficiently and with passion to drive innovation and continuous improvement at both the local and global level.
Collaborative: We work together toward a common purpose and mutual benefit while valuing each other and our differences.

Environment + Sustainability

By 2030

Carbon Neutrality Target

The company aims to achieve carbon neutrality for Scopes 1 and 2.

9.3 GW

Emissions-Free Capacity

Installed capacity in wind and solar energy.

10 GW

Energy Goal

Target to generate 10 GW of emissions-free energy capacity by 2025.

70%

Emissions Reduction Goal

Aim to reduce emissions intensity by 70% by 2030 compared to 2015 levels.

One of the country’s cleanest utilities.
Compliance Leader Verification certification by Ethisphere Institute for third consecutive term.

Inclusion & Diversity

2024

Forbes Recognition

Recognized as one of Forbes America’s Best Employers for Diversity in the 2024 ranking.

300M Spend

Supplier Diversity Goal

Aim to increase spend with certified diverse suppliers to $300 million by 2025, up from $195 million in 2022.

DEI strategy focus areas: increasing diverse representation (especially in leadership), promoting equitable growth opportunities, establishing pathways for community and connection.

Articles

Careers at Avangrid

Sustainability

Innovation and Technology

Projects