Information Security and Data Protection Lead

Become the Information Security and Data Protection Lead at Good Energy in Chippenham, UK. Oversee data protection practices, ensure compliance with industry standards, and support IT disaster recovery. Enjoy hybrid working allowances, a generous development budget, and a company-wide bonus scheme. Join Good Energy as an Information Security and Data Protection Lead in Chippenham, UK. In this vital role, you'll manage data protection protocols, support IT disaster recovery, and ensure compliance with PCI-DSS and ISO27001. This position offers hybrid working allowances, a £500 annual development budget, and a 15% company-wide bonus scheme. Enjoy 25 days of annual leave plus additional benefits for a balanced work-life.

Good Energy Chippenham, United Kingdom Hybrid Full Time UTC+00:00

Good Energy

Company Overview

Name

Good Energy Group PLC

Headquarters

Chippenham, United Kingdom

Founded

1999

Size

Approximately 70 employees (source: goodenergy.co.uk). Revenue figures for 2023 are not disclosed, but the company previously served 72,250 electricity customers and 43,000 gas customers as of June 2016 (source: wikipedia.org).

What They Do

Good Energy is a pioneering British renewable energy company that focuses on decentralized energy solutions. The company supplies 100% renewable electricity to homes and businesses through long-term power purchase agreements with over 2,500 independent UK generators, ensuring that every customer unit is backed by equivalent renewable production (source: goodenergy.co.uk). Their services extend beyond energy retailing to include the administration of the UK's largest voluntary Feed-in Tariff (FIT) program, which supports over 180,000 microgenerators exporting power (source: goodenergy.co.uk). Additionally, Good Energy is involved in the installation of solar panels, home batteries, heat pumps, and EV charging infrastructure, catering to a growing market of residential and small business customers seeking sustainable energy solutions (source: goodenergy.co.uk). Their innovative platform, Piclo, launched in partnership with Open Utility, facilitates peer-to-peer renewable energy trading, further enhancing their commitment to decentralized energy (source: wikipedia.org). As the only B Corp certified home energy supplier in the UK, Good Energy stands out for its ethical sourcing and support for small-scale solar initiatives (source: bcorporation.net).

Projects & Track Record

Good Energy has a notable history of impactful projects in the renewable energy sector. One of their significant achievements includes the repowering of the Delabole wind farm in Cornwall in 2010, which was the UK's first commercial wind farm, originally established in 1991. This project was financed through an £11.8 million package, showcasing Good Energy's commitment to advancing renewable technologies (source: wikipedia.org). In 2014, the company invested £500,000 in Tidal Lagoon Power for the proposed Swansea Bay tidal scheme, although this project was later deemed unviable by the government in 2018 (source: wikipedia.org). Furthermore, Good Energy pioneered the UK's first homeowner solar export payment scheme in 2004, which significantly influenced the national FIT rollout in 2010, leading to the installation of 850,000 systems totaling 5 GW capacity by 2019 (source: goodenergy.co.uk). While the company has sold its wind and solar generation portfolio in 2022, it continues to source energy from over 2,000-2,500 distributed generators, maintaining a strong presence in the renewable energy landscape (source: wikipedia.org).

Recent Developments

In recent years, Good Energy has achieved significant milestones, including its B Corporation certification in July 2024, making it the only certified UK home energy supplier. This certification reflects the company's commitment to governance, ethics, and transparency, scoring 15.6 in these areas (source: bcorporation.net). The company celebrated its 25th anniversary in 2024, marking a quarter-century of contributions to the renewable energy sector, including administering over 180,000 FIT sites and expanding its installation services for solar panels, batteries, and heat pumps (source: goodenergy.co.uk). Additionally, on 27 January 2025, Good Energy announced an acquisition agreement with Dubai-based Esyasoft for £99.4 million, pending completion, which could further enhance its market position (source: wikipedia.org). The company has also been actively involved in discussions around policy shifts towards clean power by 2030, aligning its operations with national energy goals (source: wikipedia.org).

Working There

Good Energy offers a variety of roles focused on green careers, including positions in energy supply, customer service, installations (solar, batteries, heat pumps, EV charging), and FIT administration. The company emphasizes its commitment to tackling climate change and promotes a culture of purpose-driven work beyond profit (source: goodenergy.co.uk). Most hiring occurs at their headquarters in Chippenham, Wiltshire, with no other office locations specified for recruitment (source: wikipedia.org). Good Energy's culture is characterized by a focus on community engagement and transparency, as evidenced by their B Corp status, which includes mission-locked governance and a commitment to sustainability reporting (source: goodenergy.co.uk). While specific employee benefits are not detailed in public records, the company promotes a supportive environment for innovation and customer management tools (source: goodenergy.co.uk).

Contact

Website · Careers · LinkedIn

Last updated on 2025-12-26 | Report an issue

Job Description

We're looking for an experienced and motivated Information Security and Data Protection Lead to join our team, reporting to the Head of Information Governance, Risk and Compliance. In this key role, you'll take ownership of our information security and data protection practices, ensuring the integrity of our systems and compliance with regulatory and industry standards.

You'll play a vital role in protecting sensitive data, supporting IT disaster recovery planning, and leading change management processes. You'll also be instrumental in maintaining our compliance with PCI-DSS, Cyber Essentials, and other key frameworks such as ISO27001 and NCSC CAF.

This is a great opportunity for someone who is technically skilled, detail-driven, and passionate about creating a secure and resilient digital environment.

Responsibilities

Data protection: Implement and manage protocols to safeguard sensitive information, including robust impact assessments
Information security: Support and lead initiatives such as threat assessments, vulnerability management, incident response, and certification compliance (Cyber Essentials, ISO27001, etc.).
IT disaster recovery (DR): Develop, maintain, and regularly test IT DR plans to ensure business continuity.
Change management: Lead IT change processes by chairing the Change Advisory Board, ensuring smooth and secure transitions.
PCI-DSS compliance: Oversee audits and assessments to maintain compliance with PCI-DSS requirements.
Technology policy: Create, update, and enforce technology policies that meet industry standards and support operational excellence.
Penetration & control testing: Coordinate system penetration testing and conduct regular tests across people, processes, and technology to ensure control effectiveness.

General responsibilities

Champion our culture and values, acting as a role model across the business.
Communicate and collaborate effectively with internal teams and external partners.
Lead and coordinate external audits and third-party engagements.
Promote a culture of continuous improvement and innovation.
Ensure employees are aware of their responsibilities through policy updates, training, and awareness programs.

What you'll need to succeed

Essentials

Solid knowledge of data protection law and regulatory requirements
Strong verbal and written communication skills
Excellent attention to detail
Confidence in supporting IT operations, particularly in cyber resilience and disaster recovery
Ability to translate technical workflows into clear, usable documentation
Proven experience in policy writing and implementation

Desirables

Experience within the utility industry.

Benefits you can rely on

Great allowances for hybrid working:
🏡 £500 work from home allowance - an annual allowance paid monthly alongside your salary to support with working from home costs.
🚆 £500 travel allowance - an annual allowance paid monthly alongside your salary to support with travelling to work costs.

📖 £500 annual development allowance: to spend on your chosen development area, whether that's in your current role, or future roles.
🎁15%: company-wide bonus scheme designed to reward collective teamwork and delivery of results across the whole business.

🌞 Holiday: 25 days annual leave, a day off for your birthday, additional days leave for long service, plus bank holidays. You'll also have the option to buy additional leave, allowing for a better work-life balance.

💸 Ethical Pension with Aviva: Good Energy offers an ethical pension plan provided by Aviva, with employer-matched contributions up to 7.5% of your base salary.

See more of our benefits here.