At a Glance
- Tasks: Lead security risk management and compliance activities across the Group, especially in OT environments.
- Company: Join Drax, a leader in sustainable energy, committed to decarbonising the planet for future generations.
- Benefits: Enjoy competitive salary, 25 days leave, private medical insurance, and a performance-based bonus.
- Other info: Flexible location options available; apply by 11th August 2025.
- Why this job: Make a real impact on climate change while shaping your career in a supportive team environment.
- Qualifications: Experience in risk management with knowledge of IEC 62443, ISO 27005, and strong communication skills required.
The predicted salary is between 43200 - 72000 £ per year.
Security Risk and Compliance Lead (OT)
Flexible location – Glasgow, Ipswich, London, Selby
Permanent, full time
Closing date: Monday 11th August 2025
Who we are
We’re not just talking about making a difference, we’re making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the global leader in sustainable biomass and carbon removals.
You’ll be joining our teams of practical doers, future thinkers and business champions. We’re enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come.
About the role
This is an information security risk and compliance-based role, reporting into the Head of InfoSec, Governance, Risk and Compliance via the OT Risk and Compliance Manager. You’ll be part of the Information Security, Governance, Risk and Compliance Team (IGRC) but will work closely and cross-functionally with a wide variety of business stakeholders, including Engineering and Security teams.
You’ll lead on all aspects of security risk management activity across the Group, but particularly in respect to our OT environments. This role will also assist in the delivery of Security Policy, Data Classification, and Compliance Management in accordance with business and regulatory requirements across the Group.
The role will deliver against the business strategy, the technical roadmap and the objectives set out in the Security strategy.
Responsibilities include:
- Defining security risk assessment schedules, providing oversight to other authorised risk practitioners, conducting risk assessments, and maintaining accurate security risk records and risk reports.
- Ensuring controls and risk treatment plans align with our policies and standards.
- Leading security risk review meetings with key stakeholders and providing security representation at business unit risk review and Senior Leadership Team (SLT) meetings as required, effectively communicating all security-related risks and mitigations.
- Supporting the development and improvement of the Group Security Risk Management framework.
- Effectively liaising with regulators, auditors, Drax teams, consultants and contractors to deliver against agreed targets.
Who we’re looking for
Ideally, you’ll have experience leading within a risk management role and have a good knowledge of methodologies such as IEC 62443 and ISO 27005. Knowledge of control frameworks such as NIST, IEC 62443, ISO 27001, ITIL (Information Technology Infrastructure Library), and SABSA is also required.
You’ll need to have a structured, methodical and accurate approach with the ability to interpret relevant industry regulations and standards. Ideally, you’ll also be familiar with the development and maintenance of management systems.
This role requires strong communication and stakeholder management skills, with the ability to influence beyond your sphere of control.
Rewards and benefits
As you help us to shape the future, we’ve shaped our rewards and benefits to help you thrive and support your lifestyle:
– Competitive salary
– 15% on-target discretionary group performance-based bonus
– 25 days annual leave (plus Bank Holidays)
– Single cover private medical insurance
– Pension scheme
We’re committed to making a tangible impact on the climate challenge we all face. Drax is where your individual purpose can work alongside your career drive. We work as part of a team that shares a passion for doing what’s right for the future. With Drax you can shape your career and a future for generations to come.
Together, we make it happen.
At Drax, we’re committed to fostering an environment where everyone feels valued and respected, regardless of their role. To make this a reality, we actively work to better represent the communities we operate in, foster inclusion, and establish fair processes. Through these actions, we build the trust needed for all colleagues at Drax to contribute their perspectives and talents, no matter their background. Find out more about our approach here.
How to apply
Think this role’s for you? Click the ‘Apply now’ button to begin your Drax journey.
If you want to find out more about Drax, check out our LinkedIn page to see our latest news.
Security Risk & Compliance Lead (OT) employer: Drax Group
Contact Detail:
Drax Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Risk & Compliance Lead (OT)
✨Tip Number 1
Familiarise yourself with the specific methodologies mentioned in the job description, such as IEC 62443 and ISO 27005. Being able to discuss these frameworks confidently during your interview will demonstrate your expertise and alignment with the role.
✨Tip Number 2
Network with professionals in the information security and compliance field, especially those who have experience in operational technology (OT). Engaging with industry peers can provide insights and potentially lead to referrals that could strengthen your application.
✨Tip Number 3
Prepare to showcase your stakeholder management skills by thinking of examples where you've successfully influenced decisions or led discussions. This is crucial for the role, as you'll be working closely with various teams and need to communicate effectively.
✨Tip Number 4
Research Drax's current initiatives and projects related to sustainability and energy. Understanding their mission and values will not only help you tailor your responses but also show your genuine interest in contributing to their goals.
We think you need these skills to ace Security Risk & Compliance Lead (OT)
Some tips for your application 🫡
Understand the Role: Before applying, make sure you fully understand the responsibilities and requirements of the Security Risk & Compliance Lead position. Familiarise yourself with key methodologies like IEC 62443 and ISO 27005, as well as control frameworks such as NIST and ISO 27001.
Tailor Your CV: Customise your CV to highlight relevant experience in risk management and compliance. Emphasise your knowledge of security frameworks and your ability to communicate effectively with stakeholders, as these are crucial for this role.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for information security and your commitment to sustainability. Mention specific examples of how you've successfully managed security risks in previous roles and how you can contribute to Drax's mission.
Proofread Your Application: Before submitting, carefully proofread your application materials. Check for any spelling or grammatical errors, and ensure that all information is accurate and clearly presented. A polished application reflects your attention to detail.
How to prepare for a job interview at Drax Group
✨Understand the Role and Responsibilities
Make sure you thoroughly understand the job description and responsibilities of the Security Risk & Compliance Lead. Familiarise yourself with key terms like IEC 62443, ISO 27005, and NIST frameworks, as these will likely come up during your interview.
✨Prepare for Stakeholder Management Questions
Given the importance of communication and stakeholder management in this role, be ready to discuss your experience in leading meetings and influencing decisions. Think of specific examples where you've successfully managed stakeholders or communicated complex security risks.
✨Showcase Your Methodical Approach
This position requires a structured and methodical approach to risk management. Be prepared to explain how you organise your work, conduct risk assessments, and maintain accurate records. Highlight any tools or methodologies you use to ensure accuracy and compliance.
✨Demonstrate Your Passion for Sustainability
Drax is focused on creating a sustainable future, so it’s important to convey your passion for environmental issues. Share any relevant experiences or initiatives you've been involved in that align with Drax's mission to decarbonise the planet.