Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead Cyber Threat Intelligence and Vulnerability Management to protect our renewable energy future.
- Company: Join Drax, a leader in sustainable energy and carbon removals.
- Benefits: Enjoy competitive salary, performance bonuses, private medical insurance, and generous leave.
- Other info: Flexible hybrid working and a commitment to diversity and inclusion.
- Why this job: Make a real impact on climate change while advancing your career in cybersecurity.
- Qualifications: Experience in IT/OT environments and knowledge of cyber security frameworks required.
The predicted salary is between 36000 - 60000 £ per year.
Job Description
Cyber Threat\\nIntelligence & Vulnerability Management Lead\\n Flexible location \\n Hybrid working\\n Permanent, full time\\n\\n Closing date: Monday 3rd November 2025\\n\\n Who we are\\n\\nWe’re not just talking about making a difference, we’re making it happen.\\nWe generate dispatchable, renewable power and create stable energy in an\\nuncertain world. Building on our proud heritage, we have ambition to become the\\nglobal leader in sustainable biomass and carbon removals.\\n\\n You’ll be joining our teams of practical doers, future thinkers and business\\nchampions. We’re enabling a zero carbon, lower cost energy future for all, and\\nworking hard to decarbonise the planet for generations to come.\\n\\n About the role\\n\\nThe primary purpose of this role is to manage and influence all aspects of\\nCyber Threat Intelligence and Vulnerability Management, but particularly in the\\ndevelopment of the threat landscape to Drax.
You’ll also assist in the\\ndevelopment of Technical Controls in accordance with policy, standards and\\nregulatory requirements.\\n\\n You’ll help to develop and support senior management with the technical\\ncontrols and cyber threat intelligence skills within the group-wide security\\nteam and through the rollout of tools, technical controls, policies and\\nprocedures, and coaching and mentoring. The role will also have responsibility\\nfor working with asset owners to ensure that they understand their\\nresponsibilities regarding risk and technical security controls.\\n\\n You’ll deliver against the business strategy, the technical roadmap and\\nobjectives set out in the Security strategy – covering group wide security\\nrequirements.\\n\\n Additional responsibilities include:\\n\\n – Supporting the definition of technical controls matrices, Security Operations\\nCentre (SOC) processes, industrial control matrices and architectural controls,\\nproviding oversight to other SMEs in support of their BAU activities and\\nmaintaining accurate documentation and record keeping.\\n – Ensuring controls and risk treatment plans align with our policies and\\nstandards.\\n – Leading threat intelligence and vulnerability management review meetings with\\nkey stakeholders and provision of security representation at business unit\\ntechnical review and Senior Leadership Team (SLT) meetings as required.\\nEffectively communicating all technical controls and mitigations.\\n – Continuing to develop and improve the Group Cyber Threat Intelligence\\nframework technical controls, industrial controls and architectural controls\\nincluding the effective management of the required documentation across the\\nGroup.\\n – Recommending and implementing an appropriate toolkit for Cyber Threat\\nIntelligence.\\n – Technical control reporting.\\n – Researching threats, Indicators of Compromise (IoCs) and threat actor Tactics,Techniques and Procedures (TTPs) to support Threat Hunting, Signature\\nDevelopment and Threat Intelligence Platform (TIP) processes.\\n – Providing strong technical oversight to deliver consistency and quality in\\ntechnical work across the Group.\\n – Participating in Audits, Technical Design Authority and Change Advisory\\nBoards as required.\\n\\n Who we’re looking for\\n\\nThis role requires the ability to interpret Cyber Threat Intelligence and\\ntechnical controls and communicate effectively to all levels of the\\norganisation.\\n\\n Ideally, you’ll have a good experience working within IT/OT in an operational\\nor corporate environment with a good knowledge of control frameworks such as\\nISO27001, ITIL (Information Technology Infrastructure Library), NIST, SABSA and\\nIEC 62443 and cyber kill chain.\\n\\n You’ll have a good knowledge of Risk Management Methodologies such as ISO27005\\nand IRAM2/security frameworks NIST/NIS CAF/IEC/SoGp Cyber Kill chain with\\nstrong IT technical skills to support this knowledge.\\n\\n You’ll also demonstrate strong communication (verbal and written) and\\nstakeholder management skills, with the ability to take the initiative and\\nhandle multiple projects simultaneously.\\n\\nRewards and benefits\\n\\nAs you help us to shape the future, we’ve shaped our rewards and benefits to help you thrive and support your lifestyle:\\n\\n- Competitive salary\\n- Discretionary group performance-based bonus\\n- 25 days annual leave (plus Bank Holidays)\\n- Single cover private medical insurance\\n- Pension scheme\\n\\nWe’re committed to making a tangible impact on the climate challenge we all face. Drax is where your individual purpose can work alongside your career drive.
We work as part of a team that shares a passion for doing what’s right for the future. With Drax you can shape your career and a future for generations to come.\\n\\nTogether, we make it happen.\\n\\nAt Drax, we’re committed to fostering an environment where everyone feels valued and respected, regardless of their role. To make this a reality, we actively work to better represent the communities we operate in, foster inclusion, and establish fair processes.
Through these actions, we build the trust needed for all colleagues at Drax to contribute their perspectives and talents, no matter their background. Find out more about our approach here.\\n\\nHow to apply\\n\\nThink this role’s for you? Click the ‘Apply now’ button to begin your Drax journey.\\n\\nIf you want to find out more about Drax, check out our LinkedIn page to see our latest news
Cyber Threat Intelligence & Vulnerability Management Lead employer: Drax
Contact Detail:
Drax Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Threat Intelligence & Vulnerability Management Lead
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend events, and connect on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their mission and values, especially around sustainability and innovation, so you can show how you fit into their vision.
✨Tip Number 3
Practice your responses to common interview questions, but keep it natural. Use the STAR method (Situation, Task, Action, Result) to structure your answers and highlight your relevant experience.
✨Tip Number 4
Don’t forget to follow up after your interview! A quick thank-you email can leave a lasting impression and shows your enthusiasm for the role. Plus, it keeps you on their radar!
We think you need these skills to ace Cyber Threat Intelligence & Vulnerability Management Lead
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Cyber Threat Intelligence & Vulnerability Management Lead role. Highlight relevant experience and skills that match the job description, especially around technical controls and risk management methodologies.
Craft a Compelling Cover Letter: Your cover letter should tell us why you're the perfect fit for this role. Share specific examples of your past work in cyber threat intelligence and how you've influenced security practices in previous positions.
Showcase Your Communication Skills: Since this role involves communicating with various stakeholders, demonstrate your strong communication skills in your application. Use clear and concise language, and don’t shy away from showcasing your ability to explain complex concepts simply.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It’s the best way for us to receive your application and ensures you’re considered for the role without any hiccups!
How to prepare for a job interview at Drax
✨Know Your Cyber Threat Landscape
Before the interview, dive deep into the current cyber threat landscape, especially as it relates to the energy sector. Familiarise yourself with recent threats and vulnerabilities that have impacted similar companies. This will not only show your expertise but also your genuine interest in the role.
✨Master the Technical Controls
Brush up on key control frameworks like ISO27001, NIST, and ITIL. Be prepared to discuss how these frameworks apply to the role and how you’ve implemented them in past experiences. Having specific examples ready will demonstrate your hands-on knowledge and problem-solving skills.
✨Communicate Clearly and Confidently
Since this role involves communicating technical information to various stakeholders, practice explaining complex concepts in simple terms. Use clear examples from your experience to illustrate your points. This will showcase your ability to bridge the gap between technical and non-technical audiences.
✨Showcase Your Stakeholder Management Skills
Think of instances where you've successfully managed stakeholder relationships or led meetings. Be ready to discuss how you navigated challenges and ensured alignment among different teams. This will highlight your leadership qualities and your ability to work collaboratively.