Principal Specialist, Security GRC (1-year Fixed Term)

AVEVA is creating software trusted by over 90% of leading industrial companies.Job Title: Principal Specialist, Security GRCLocation: Cambridge, London, Derry/Londonderry, United KingdomEmployment Type: Full-time, 1-year Fixed TermThe jobAVEVA is a global leader in industrial software, driving digital transformation and sustainability. By connecting the power of information and artificial intelligence with human insight, AVEVA enables teams to use their data to unlock new value. We call this Performance Intelligence. AVEVA’s comprehensive portfolio enables more than 20,000 industrial enterprises to engineer smarter, operate better and drive sustainable efficiency. AVEVA supports customers through a trusted ecosystem that includes 5,500 partners and 5,700 certified developers around the world. The company is headquartered in Cambridge, UK, with over 6,500 employees and ninety offices in over forty countries. Learn more at .We take pride in our core values and the diversity of our people, valuing the unique experience and expertise that people from diverse backgrounds bring to our business. At AVEVA, we are all about Limitless possibilities. Are you?The Principal Specialist, Security GRC is a 1-year fixed-term employee position, critical role in shaping and standing-up AVEVA’s 2nd Line of Defence Security Governance, Risk and Compliance capabilities and services.This role will be responsible for providing insightful knowledge and actionable recommendations to achieve AVEVA’s target operating model for security GRC and increase the maturity of existing processes and systems.The post holder will be expected to quickly integrate into the team, proactively engage with stakeholders across the business, from technical SME’s to business leadership. They will need to work independently and able to prioritise their time across multiple projects and engagements.Key responsibilitiesImplementation of Security Policy & Standards. Provide subject matter expert knowledge and support on the developing policy, standards, and exemption services to enable controls and supporting control practices to be embedded and optimised across the organisation. Includes optimisation of underpinning risk and control indicators.Implementation of Security Risk Management & Assurance. Provide subject matter expert knowledge on developing security risk management and risk assurance services that enable effective, and data driven risk management and reporting across operations. This includes the capability to monitor and report effectiveness of risk management within the product development lifecycle and supply chain.Implementation of Supply Chain Security Risk Management. Provide subject matter expert knowledge to build and optimise the supply chain security risk management service to enable effective management of supplier security risks across the organisation. Collaborate with supply chain partners to provide deep knowledge to shape procurement, legal, digital, and other business functions practices so they identify and mitigate supply chain security risks.Stakeholder Engagement. Build and maintain trusted relationships with stakeholders to embed security risk practices into operational activities. This includes providing guidance and thought leadership on risk best practice and assurance to technical and non-technical stakeholders.Essential requirementsExperience. Preferable 7+ years relevant work experience in security governance, risk, and compliance with at least 3 years of working as a senior expert or manager of a significant department. Experience of fulfilling similar role in a software publishing or internet business is preferrable.Governance. Significant experience in developing, implementing, and optimising security policies, standards, and control-sets to enable effective adaption and adoption across organisational departments and teams.Risk Management and Assurance. Extensive experience of understanding of using threat, security control performance and business operations to independently assess residual security risk position to the end customer based on business processes and practices including product development lifecycle and supply chain.Regulatory Compliance. Significant experience of working within a regulated environment and advising others on the principal requirements of major legislation and regulations relevant to security, and the legal and regulatory instruments relevant to the role. Experience of responding to new regulations e.g. NIS2. Knowledge of cross-border regulations, such as GDPR and EU Data Privacy rules.Desired skillsOrganisational Skills. Highly skilled in managing multiple tasks within set deadlines whilst managing expectations of invested partiesCommunication Skills. Excellent verbal and written communication skills, with the ability to convey complex information clearly and concisely to diverse audiences.Decision making. Highly skilled in tactical decision-making with organisational impact.Problem-solving. Able to address day-to-day challenges quickly with a focus on operational solutions. Highly skilled at deconstructing large complex problems into solutions that can be easily understood and executed by business and digital teamsDigital Security at AVEVAOur Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure. We’re also playing a critical role in AVEVA’s move to the cloud.As cyber threats grow and more and more data moves into the cloud, the importance of our role is only going to grow. If you’re a collaborative problem solver that’s passionate about cybersecurity, you’ll find fulfilment and opportunity in our team.Find out more:UK Benefits include:Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program.It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive.Find out more: aveva.com/en/about/careers/benefits/Hybrid workingBy default, employees are expected to be in their local AVEVA office three days a week, but some positions are fully office-based. Roles supporting particular customers or markets are sometimes remote.Hiring processInterested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process.Find out more: aveva.com/en/about/careers/hiring-processAbout AVEVAAVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals, and minerals – safely, efficiently, and more sustainably.We are committed to embedding sustainability and inclusion into our operations, our culture, and our core business strategy. Learn more about how we are progressing against our ambitious 2030 targets: sustainability-report.aveva.com/Find out more: aveva.com/en/about/careers/AVEVA requires all successful applicants to undergo and pass a drug screening and comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check. Certain positions dealing with sensitive and/or third-party personal data may involve additional background check criteria.AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. AVEVA provides reasonable accommodation to applicants with disabilities where appropriate. If you need reasonable accommodation for any part of the application and hiring process, please notify your recruiter. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.
Apply For Job

#J-18808-Ljbffr