Operational Technology (OT) Risk and Compliance Specialist
Flexible location - Glasgow, Ipswich, London, Northampton or Selby
Hybrid working
Permanent, full time
Closing date: Friday 2nd May 2025
Who we are
We’re not just talking about making a difference, we’re making it happen. We
generate dispatchable, renewable power and create stable energy in an uncertain
world. Building on our proud heritage, we have ambition to become the global
leader in sustainable biomass and carbon removals.
You’ll be joining our teams of practical doers, future thinkers and business
champions. We’re enabling a zero carbon, lower cost energy future for all, and
working hard to decarbonise the planet for generations to come.
About the role
This is a security risk and compliance-based role, reporting into the OT Risk
and Compliance Manager. You’ll be part of the Information Security, Governance,
Risk and Compliance Team (IGRC) but will work closely but with a wide variety
of business stakeholders including Security and Operational teams
cross-functionally.
You’ll assist in the delivery of Security Policy, Data Classification, and
Compliance Management in accordance with business and regulatory requirements.
This role will help to further develop compliance knowledge and skills through
the rollout of tools, policies and procedures, working with individual Project
Teams and Asset Owners to ensure that they understand their responsibilities in
relation to security risk management across the Group.
You’ll support delivery against the business strategy, the technical roadmap
and the objectives set out in the Security strategy.
Additional responsibilities include:
- Delivering against defined Security risk assessment schedules,
collaborating with other authorised risk practitioners to conduct
risk assessments, and maintaining accurate security risk records and risk
reports.
- Ensuring controls and risk treatment plans align with Security policies and
standards.
- Contributing to risk review meetings and provide security representation at
business unit meetings and technical forums as required, effectively
communicating Security related risks and mitigations.
- Assist in developing and improving the Group Security Risk Management
framework including the effective management of Information System &
Security risk records across the Group.
- Contribute to Enterprise risk reporting.
- Effectively liaising with Drax teams, consultants and contractors to deliver
agreed targets
Who we’re looking for
Ideally, you’ll have previous experience working with Operational Technology
(OT)/ Industrial Control Systems (ICS) with good knowledge of risk management
methodologies such as ISO27005, IEC 62443 3-2 and IRAM2. Knowledge of security
frameworks, security management systems and organisational security controls
(e.g. NCSC CAF/NIST/IEC 62443) is also required.
You’ll need to have a structured, methodical and accurate approach with the
ability to interpret relevant industry regulations and standards. Ideally,
you’ll also be familiar with the development and maintenance of management
systems.
This role requires strong communication and stakeholder management skills, with
the ability to influence beyond your sphere of control.
Rewards and benefits
As you help us to shape the future, we’ve shaped our rewards and benefits to
help you thrive and support your lifestyle:
- Competitive salary
- Discretionary group performance-based bonus
- 25 days annual leave (plus Bank Holidays)
- Single cover private medical insurance
- Pension scheme
We’re committed to making a tangible impact on the climate challenge we all
face. Drax is where your individual purpose can work alongside your career
drive. We work as part of a team that shares a passion for doing what’s right
for the future. With Drax you can shape your career and a future for
generations to come.
Together, we make it happen.
At Drax, we’re committed to fostering an environment where everyone feels
valued and respected, regardless of their role. To make this a reality, we
actively work to better represent the communities we operate in, foster
inclusion, and establish fair processes. Through these actions, we build the
trust needed for all colleagues at Drax to contribute their perspectives and
talents, no matter their background. Find out more about our approach here.
How to apply
Think this role’s for you? Click the ‘Apply now’ button to begin your Drax
journey.
If you want to find out more about Drax, check out our LinkedIn page to see our
latest news.