OT Security Risk & Compliance Specialist

Operational Technology (OT) Risk and Compliance Specialist
Flexible location - Glasgow, Ipswich, London, Northampton or Selby
Hybrid working
Permanent, full time

Closing date: Friday 2nd May 2025

Who we are

We’re not just talking about making a difference, we’re making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the global leader in sustainable biomass and carbon removals.

You’ll be joining our teams of practical doers, future thinkers and business champions. We’re enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come.

About the role

This is a security risk and compliance-based role, reporting into the OT Risk and Compliance Manager. You’ll be part of the Information Security, Governance, Risk and Compliance Team (IGRC) but will work closely with a wide variety of business stakeholders including Security and Operational teams cross-functionally.

You’ll assist in the delivery of Security Policy, Data Classification, and Compliance Management in accordance with business and regulatory requirements. This role will help to further develop compliance knowledge and skills through the rollout of tools, policies and procedures, working with individual Project Teams and Asset Owners to ensure that they understand their responsibilities in relation to security risk management across the Group.

You’ll support delivery against the business strategy, the technical roadmap and the objectives set out in the Security strategy.

Additional responsibilities include:

1. Delivering against defined Security risk assessment schedules, collaborating with other authorised risk practitioners to conduct risk assessments, and maintaining accurate security risk records and risk reports.
2. Ensuring controls and risk treatment plans align with Security policies and standards.
3. Contributing to risk review meetings and providing security representation at business unit meetings and technical forums as required, effectively communicating Security related risks and mitigations.
4. Assisting in developing and improving the Group Security Risk Management framework including the effective management of Information System & Security risk records across the Group.
5. Contributing to Enterprise risk reporting.
6. Effectively liaising with Drax teams, consultants and contractors to deliver agreed targets.

Who we’re looking for

Ideally, you’ll have previous experience working with Operational Technology (OT)/ Industrial Control Systems (ICS) with good knowledge of risk management methodologies such as ISO27005, IEC 62443 3-2 and IRAM2. Knowledge of security frameworks, security management systems and organisational security controls (e.g. NCSC CAF/NIST/IEC 62443) is also required.

You’ll need to have a structured, methodical and accurate approach with the ability to interpret relevant industry regulations and standards. Ideally, you’ll also be familiar with the development and maintenance of management systems.

This role requires strong communication and stakeholder management skills, with the ability to influence beyond your sphere of control.

Rewards and benefits

As you help us to shape the future, we’ve shaped our rewards and benefits to help you thrive and support your lifestyle:

• Competitive salary
• Discretionary group performance-based bonus
• 25 days annual leave (plus Bank Holidays)
• Single cover private medical insurance
• Pension scheme

We’re committed to making a tangible impact on the climate challenge we all face. Drax is where your individual purpose can work alongside your career drive. We work as part of a team that shares a passion for doing what’s right for the future. With Drax you can shape your career and a future for generations to come.

Together, we make it happen.

At Drax, we’re committed to fostering an environment where everyone feels valued and respected, regardless of their role. To make this a reality, we actively work to better represent the communities we operate in, foster inclusion, and establish fair processes. Through these actions, we build the trust needed for all colleagues at Drax to contribute their perspectives and talents, no matter their background. Find out more about our approach here.

How to apply

Think this role’s for you? Click the ‘Apply now’ button to begin your Drax journey.

If you want to find out more about Drax, check out our LinkedIn page to see our latest news.