Cyber Threat Intelligence & Vulnerability Management
Lead Flexible location - Glasgow, Ipswich, London, Northampton or Selby Hybrid working Permanent, full time Closing date: Friday 2nd May 2025 Who we are We’re not just talking about making a difference, we’re making it happen. We
generate dispatchable, renewable power and create stable energy in an uncertain
world. Building on our proud heritage, we have ambition to become the global
leader in sustainable biomass and carbon removals. You’ll be joining our teams of practical doers, future thinkers and business
champions. We’re enabling a zero carbon, lower cost energy future for all, and
working hard to decarbonise the planet for generations to come. About the role The primary purpose of this role is to manage and influence all aspects of
Cyber Threat Intelligence and Vulnerability Management, but particularly in the
development of the threat landscape to Drax. You’ll also assist in the
development of Technical Controls in accordance with policy, standards and
regulatory requirements. You’ll help to develop and support senior management with the technical
controls and cyber threat intelligence skills within the group-wide security
team and through the rollout of tools, technical controls, policies and
procedures, and coaching and mentoring. The role will also have responsibility
for working with asset owners to ensure that they understand their
responsibilities regarding risk and technical security controls. You’ll deliver against the business strategy, the technical roadmap and
objectives set out in the Security strategy – covering group wide security
requirements. Additional responsibilities include: - Supporting the definition of technical controls matrices, Security Operations
Centre (SOC) processes, industrial control matrices and architectural controls,
providing oversight to other SMEs in support of their BAU activities and
maintaining accurate documentation and record keeping. - Ensuring controls and risk treatment plans align with our policies and
standards. - Leading threat intelligence and vulnerability management review meetings with
key stakeholders and provision of security representation at business unit
technical review and Senior Leadership Team (SLT) meetings as required.
Effectively communicating all technical controls and mitigations. - Continuing to develop and improve the Group Cyber Threat Intelligence
framework technical controls, industrial controls and architectural controls
including the effective management of the required documentation across the
Group. - Recommending and implementing an appropriate toolkit for Cyber Threat
Intelligence. - Technical control reporting. - Researching threats, Indicators of Compromise (IoCs) and threat actor
Tactics, Techniques and Procedures (TTPs) to support Threat Hunting, Signature
Development and Threat Intelligence Platform (TIP) processes. - Providing strong technical oversight to deliver consistency and quality in
technical work across the Group. - Participating in Audits, Technical Design Authority and Change Advisory
Boards as required. Who we’re looking for This role requires the ability to interpret Cyber Threat Intelligence and
technical controls and communicate effectively to all levels of the
organisation. Ideally, you’ll have a good experience working within IT/OT in an operational
or corporate environment with a good knowledge of control frameworks such as
ISO27001, ITIL (Information Technology Infrastructure Library), NIST, SABSA and
IEC 62443 and cyber kill chain. You’ll have a good knowledge of Risk Management Methodologies such as ISO27005
and IRAM2/security frameworks NIST/NIS CAF/IEC/SoGp Cyber Kill chain with
strong IT technical skills to support this knowledge. You’ll also demonstrate strong communication (verbal and written) and
stakeholder management skills, with the ability to take the initiative and
handle multiple projects simultaneously.Rewards and benefits As you help us to shape the future, we’ve shaped our rewards and benefits to
help you thrive and support your lifestyle: - Competitive salary - Discretionary group performance-based bonus - 25 days annual leave (plus Bank Holidays) - Single cover private medical insurance - Pension scheme We’re committed to making a tangible impact on the climate challenge we all
face. Drax is where your individual purpose can work alongside your career
drive. We work as part of a team that shares a passion for doing what’s right
for the future. With Drax you can shape your career and a future for
generations to come. Together, we make it happen. At Drax, we’re committed to fostering an environment where everyone feels
valued and respected, regardless of their role. To make this a reality, we
actively work to better represent the communities we operate in, foster
inclusion, and establish fair processes. Through these actions, we build the
trust needed for all colleagues at Drax to contribute their perspectives and
talents, no matter their background. Find out more about our approach here.How to apply Think this role’s for you? Click the ‘Apply now’ button to begin your Drax
journey. If you want to find out more about Drax, check out our LinkedIn page to see our
latest news.