Principal Security Consultant (1-year Fixed Term)

AVEVA is a global leader in industrial software, driving digital transformation and sustainability. By connecting the power of information and artificial intelligence with human insight, AVEVA enables teams to use their data to unlock new value. This role will be responsible for providing insightful knowledge and actionable recommendations to achieve AVEVA's target operating model for security and increase the maturity of existing processes and systems. One area of focus of this 12 month work package is to improve transparency of security operations and compliance to customers.

The post holder will be expected to quickly integrate into the team, proactively engage with stakeholders across the business, from technical SMEs to business leadership. They will need to work independently and be able to prioritise their time across multiple projects and engagements.

• Implementation of Security Policy & Standards: Provide subject matter expert knowledge and support on developing policy, standards, and exemption services to enable controls and supporting control practices to be embedded and optimised across the organisation.
• Implementation of Security Risk Management & Assurance: Provide subject matter expert knowledge on developing security risk management and risk assurance services that enable effective, and data driven risk management and reporting across operations.
• Ability to Gather and Review Evidence For Compliance: Complete discovery investigations to demonstrate compliance to regulations, standards and customer requirements and present evidence in a consumable format for customers, regulators etc.
• Implementation of Security Control Systems: Provide subject matter expert knowledge to business stakeholders to enable adoption, adaption, and optimisation of security controls across the organisation.
• Stakeholder Engagement: Build and maintain trusted relationships with stakeholders to embed security risk practices into operational activities.

• Experience: Preferable 7+ years relevant work experience in security governance, risk, and compliance with at least 3 years of working as a senior expert or manager of a significant department.
• Governance: Significant experience in developing, implementing, and optimising security policies, standards, and control-sets.
• Risk Management and Assurance: Extensive experience of understanding using threat, security control performance and business operations to independently assess residual security risk position.
• Regulatory Compliance: Significant experience of working within a regulated environment and advising others on the principal requirements of major legislation and regulations relevant to security.

• Organisational Skills: Highly skilled in managing multiple tasks within set deadlines whilst managing expectations of invested parties.
• Communication Skills: Excellent verbal and written communication skills, with the ability to convey complex information clearly and concisely.
• Decision making: Highly skilled in tactical decision-making with organisational impact.
• Problem-solving: Able to address day-to-day challenges quickly with a focus on operational solutions.

Our Digital Security team is responsible for protecting AVEVA's digital assets and keeping the company's data and IP secure. We're also playing a critical role in AVEVA's move to the cloud. As cyber threats grow and more data moves into the cloud, the importance of our role is only going to grow.

Benefits include: Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program.

Hybrid working: By default, employees are expected to be in their local AVEVA office three days a week, but some positions are fully office-based.

AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process.

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect.