
Security Risk & Compliance Lead (OT)

Drax

Selby

Hybrid

GBP 60,000 - 80,000

Full time

2 days ago

Job summary

A leading renewable energy company in the UK seeks a Security Risk and Compliance Lead to manage and oversee security risk strategies, ensuring compliance with various frameworks and regulations. The ideal candidate will have substantial experience in risk management, excellent communication skills, and the ability to work collaboratively across teams. This permanent, full-time position offers competitive salary and benefits, promoting a sustainable future.

Benefits

Competitive salary
15% performance-based bonus
25 days annual leave
Private medical insurance
Pension scheme

Qualifications

  • Experience leading within a risk management role.
  • Good knowledge of risk management methodologies.
  • Ability to interpret industry regulations and standards.

Responsibilities

  • Define and oversee security risk assessment schedules.
  • Ensure controls align with policies and standards.
  • Lead security risk review meetings with stakeholders.

Skills

Risk management experience
Knowledge of IEC 62443
Knowledge of ISO 27005
Communication skills
Stakeholder management

Tools

NIST control framework
ISO 27001
ITIL
SABSA

Job description

Security Risk and Compliance Lead (OT)
Flexible location – Glasgow, Ipswich, London, Selby
Permanent, full time

Closing date: Monday 11th August 2025

Who we are


We’re not just talking about making a difference, we’re making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the global leader in sustainable biomass and carbon removals.

You’ll be joining our teams of practical doers, future thinkers and business champions. We’re enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come.

About the role

This is an information security risk and compliance-based role, reporting into the Head of InfoSec, Governance, Risk and Compliance via the OT Risk and Compliance Manager. You’ll be part of the Information Security, Governance, Risk and Compliance Team (IGRC) but will work closely and cross-functionally with a wide variety of business stakeholders, including Engineering and Security teams.

You’ll lead on all aspects of security risk management activity across the Group, but particularly in respect to our OT environments. This role will also assist in the delivery of Security Policy, Data Classification, and Compliance Management in accordance with business and regulatory requirements across the Group.

The role will deliver against the business strategy, the technical roadmap and the objectives set out in the Security strategy.

Responsibilities include:

- Defining security risk assessment schedules, providing oversight to other authorised risk practitioners, conducting risk assessments, and maintaining accurate security risk records and risk reports.
- Ensuring controls and risk treatment plans align with our policies and standards.
- Leading security risk review meetings with key stakeholders and providing security representation at business unit risk review and Senior Leadership Team (SLT) meetings as required, effectively communicating all Security related risks and mitigations.
- Supporting the development and improvement of the Group Security Risk Management framework.
- Effectively liaising with regulators, auditors, Drax teams, consultants and contractors to deliver against agreed targets.

Who we’re looking for


Ideally, you’ll have experience leading within a risk management role and have a good knowledge of methodologies such as IEC 62443 and ISO 27005. Knowledge of control frameworks such as NIST, IEC 62443, ISO 27001, ITIL (Information Technology Infrastructure Library), and SABSA is also required.

You’ll need to have a structured, methodical and accurate approach with the ability to interpret relevant industry regulations and standards. Ideally, you’ll also be familiar with the development and maintenance of management systems.

This role requires strong communication and stakeholder management skills, with the ability to influence beyond your sphere of control.

Rewards and benefits


As you help us to shape the future, we’ve shaped our rewards and benefits to help you thrive and support your lifestyle:

- Competitive salary
- 15% on-target discretionary group performance-based bonus
- 25 days annual leave (plus Bank Holidays)
- Single cover private medical insurance
- Pension scheme

We’re committed to making a tangible impact on the climate challenge we all face. Drax is where your individual purpose can work alongside your career drive. We work as part of a team that shares a passion for doing what’s right for the future. With Drax you can shape your career and a future for generations to come.

Together, we make it happen.

At Drax, we’re committed to fostering an environment where everyone feels valued and respected, regardless of their role. To make this a reality, we actively work to better represent the communities we operate in, foster inclusion, and establish fair processes. Through these actions, we build the trust needed for all colleagues at Drax to contribute their perspectives and talents, no matter their background. Find out more about our approach here.

How to apply


Think this role’s for you? Click the ‘Apply now’ button to begin your Drax journey.

If you want to find out more about Drax, check out our LinkedIn page to see our latest news.
