Principal Specialist, Security GRC (1-year Fixed Term)

London Full-Time 48000 - 84000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead security governance, risk, and compliance initiatives at AVEVA.
  • Company: Join AVEVA, a global leader in industrial software driving digital transformation.
  • Benefits: Enjoy flexible benefits, 28 days annual leave, and education assistance.
  • Why this job: Be part of a diverse team shaping the future of cybersecurity in a sustainable company.
  • Qualifications: 7+ years in security GRC, with strong communication and problem-solving skills required.
  • Other info: This is a 1-year fixed-term role based in London.

The predicted salary is between 48000 - 84000 £ per year.


Principal Specialist, Security GRC (1-year Fixed Term), London


Client:

AVEVA

Location:

London, United Kingdom

Job Category:

Other

EU work permit required:

Yes


Job Reference:

43d85e76fc03

Job Views:

9

Posted:

18.07.2025

Expiry Date:

01.09.2025


Job Description:

AVEVA is creating software trusted by over 90% of leading industrial companies.

Job Title: Principal Specialist, Security GRC

Employment Type: Full-time, 1-year Fixed Term

The job

AVEVA is a global leader in industrial software, driving digital transformation and sustainability. By connecting the power of information and artificial intelligence with human insight, AVEVA enables teams to use their data to unlock new value. We call this Performance Intelligence. AVEVA’s comprehensive portfolio enables more than 20,000 industrial enterprises to engineer smarter, operate better and drive sustainable efficiency. AVEVA supports customers through a trusted ecosystem that includes 5,500 partners and 5,700 certified developers around the world. The company is headquartered in Cambridge, UK, with over 6,500 employees and ninety offices in over forty countries. Learn more at.
We take pride in our core values and the diversity of our people, valuing the unique experience and expertise that people from diverse backgrounds bring to our business. At AVEVA, we are all about Limitless possibilities. Are you?
The Principal Specialist, Security GRC is a 1-year fixed-term employee position and a critical role in shaping and standing up AVEVA’s 2nd Line of Defence Security Governance, Risk and Compliance capabilities and services.

This role will be responsible for providing insightful knowledge and actionable recommendations to achieve AVEVA’s target operating model for security GRC and increase the maturity of existing processes and systems.

The post holder will be expected to quickly integrate into the team and proactively engage with stakeholders across the business, from technical SMEs to business leadership. They will need to work independently and be able to prioritise their time across multiple projects and engagements.

Key responsibilities

Implementation of Security Policy & Standards. Provide subject matter expert knowledge and support on developing policy, standards, and exemption services to enable controls and supporting control practices to be embedded and optimised across the organisation. Includes optimisation of underpinning risk and control indicators.

Implementation of Security Risk Management & Assurance. Provide subject matter expert knowledge on developing security risk management and risk assurance services that enable effective and data-driven risk management and reporting across operations. This includes the capability to monitor and report the effectiveness of risk management within the product development lifecycle and supply chain.

Implementation of Supply Chain Security Risk Management. Provide subject matter expert knowledge to build and optimise the supply chain security risk management service to enable effective management of supplier security risks across the organisation. Collaborate with supply chain partners to provide deep knowledge to shape the practices of procurement, legal, digital, and other business functions so they identify and mitigate supply chain security risks.

Stakeholder Engagement. Build and maintain trusted relationships with stakeholders to embed security risk practices into operational activities. This includes providing guidance and thought leadership on risk best practice and assurance to technical and non-technical stakeholders.

Experience. Preferably 7+ years of relevant work experience in security governance, risk, and compliance, with at least 3 years working as a senior expert or manager of a significant department. Experience of fulfilling a similar role in a software publishing or internet business is preferable.

Governance. Significant experience in developing, implementing, and optimising security policies, standards, and control-sets to enable effective adaption and adoption across organisational departments and teams.

Risk Management and Assurance. Extensive experience and understanding of using threat, security control performance and business operations to independently assess the residual security risk position to the end customer, based on business processes and practices including the product development lifecycle and supply chain.

Regulatory Compliance. Significant experience of working within a regulated environment and advising others on the principal requirements of major legislation and regulations relevant to security, and the legal and regulatory instruments relevant to the role. Experience of responding to new regulations e.g. NIS2. Knowledge of cross-border regulations, such as GDPR and EU Data Privacy rules.

Desired skills

Organisational Skills. Highly skilled in managing multiple tasks within set deadlines whilst managing expectations of invested parties.

Communication Skills. Excellent verbal and written communication skills, with the ability to convey complex information clearly and concisely to diverse audiences.

Decision making. Highly skilled in tactical decision-making with organisational impact.

Problem-solving. Able to address day-to-day challenges quickly with a focus on operational solutions. Highly skilled at deconstructing large complex problems into solutions that can be easily understood and executed by business and digital teams.

Digital Security at AVEVA

Our Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure. We’re also playing a critical role in AVEVA’s move to the cloud.

As cyber threats grow and more and more data moves into the cloud, the importance of our role is only going to grow. If you’re a collaborative problem solver that’s passionate about cybersecurity, you’ll find fulfilment and opportunity in our team.

Find out more:

UK Benefits include:

Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program.

It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive.

Find out more: aveva.com/en/about/careers/benefits/

By default, employees are expected to be in their local AVEVA office three days a week, but some positions are fully office-based. Roles supporting particular customers or markets are sometimes remote.

Hiring process

Interested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process.

Find out more: aveva.com/en/about/careers/hiring-process

About AVEVA

AVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals, and minerals – safely, efficiently, and more sustainably.

We are committed to embedding sustainability and inclusion into our operations, our culture, and our core business strategy. Learn more about how we are progressing against our ambitious 2030 targets: sustainability-report.aveva.com/

Find out more: aveva.com/en/about/careers/


Principal Specialist, Security GRC (1-year Fixed Term) employer: AVEVA

AVEVA is an exceptional employer, offering a dynamic work culture that fosters innovation and collaboration in the heart of London. With a strong commitment to employee growth, AVEVA provides comprehensive benefits including flexible working arrangements, generous leave policies, and professional development opportunities, making it an ideal place for those passionate about cybersecurity and digital transformation.

Contact Detail:

AVEVA Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Principal Specialist, Security GRC (1-year Fixed Term)

✨Tip Number 1

Familiarise yourself with AVEVA's core values and their approach to sustainability and digital transformation. Understanding these aspects will help you align your discussions during interviews, showcasing how your experience and values resonate with theirs.

✨Tip Number 2

Network with current or former employees of AVEVA on platforms like LinkedIn. Engaging in conversations about their experiences can provide valuable insights into the company culture and expectations for the Principal Specialist role.

✨Tip Number 3

Prepare to discuss specific examples from your past work that demonstrate your expertise in security governance, risk management, and compliance. Tailoring your examples to reflect the responsibilities outlined in the job description will make a strong impression.

✨Tip Number 4

Stay updated on the latest trends and regulations in cybersecurity, especially those relevant to the software industry. Being knowledgeable about recent developments will not only enhance your confidence but also show your commitment to the field during interviews.

We think you need these skills to ace Principal Specialist, Security GRC (1-year Fixed Term)

Security Governance
Risk Management
Compliance Knowledge
Policy Development
Stakeholder Engagement
Analytical Skills
Communication Skills
Problem-Solving Skills
Project Management
Regulatory Compliance
Supply Chain Security
Decision-Making
Organisational Skills
Data Analysis
Technical Expertise in Cybersecurity

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in security governance, risk, and compliance. Use keywords from the job description to demonstrate that you meet the specific requirements for the Principal Specialist role.

Craft a Compelling Cover Letter: In your cover letter, explain why you're passionate about cybersecurity and how your experience aligns with AVEVA's mission. Mention specific projects or achievements that showcase your skills in stakeholder engagement and risk management.

Showcase Relevant Experience: Detail your experience in developing and implementing security policies and standards. Provide examples of how you've optimised processes in previous roles, particularly in regulated environments, to illustrate your expertise.

Highlight Soft Skills: Emphasise your organisational and communication skills in both your CV and cover letter. Describe situations where you've successfully managed multiple tasks or conveyed complex information to diverse audiences, as these are crucial for the role.

How to prepare for a job interview at AVEVA

✨Understand AVEVA's Core Values

Before your interview, take some time to research AVEVA's core values and how they align with your own. Be prepared to discuss how your experience and values can contribute to their mission of driving digital transformation and sustainability.

✨Showcase Your Expertise in Security GRC

As a Principal Specialist, you'll need to demonstrate your extensive knowledge in security governance, risk, and compliance. Prepare specific examples from your past experiences that highlight your ability to implement security policies and manage risks effectively.

✨Engage with Stakeholders

Since stakeholder engagement is crucial for this role, think of ways you've successfully built relationships in previous positions. Be ready to share strategies you used to communicate complex information clearly to both technical and non-technical audiences.

✨Prepare for Scenario-Based Questions

Expect scenario-based questions that assess your problem-solving skills and decision-making abilities. Practice articulating how you would approach real-world challenges related to security risk management and compliance, focusing on operational solutions.

Application deadline: 2027-08-09