Digital Security - Principal Specialist, Security Risk & Assurance
Company: AVEVA
AVEVA is creating software trusted by over 90% of leading industrial companies.
Position: Digital Security - Principal Specialist, Security Risk & Assurance
Previous Experience: Preferable 5+ years relevant work experience in security governance, risk, and compliance with at least 1 year of working as a senior specialist within a significant department. Experience of fulfilling a similar role in a software publishing or internet business is preferable.
Location: London/Cambridge, United Kingdom (3 days at the office)
Employment Type: Full-time regular (flexible working options available)
Benefits: Competitive salary; flexible benefits fund which can be utilized against over 20 benefits; pension scheme with up to 9% employer contribution; life insurance; income protection insurance; 28 days annual leave (plus bank holidays); 3 days paid volunteering.
The Job: The Risk & Assurance Principal Specialist for Security GRC (Governance, Risk and Compliance) is a senior member of the global security team whose primary role is to lead the development and continual improvement of the risk and assurance services provided by the Digital Security Team. This role will be responsible for contributing to the development, implementation, operation, and optimization of security risk management and assurance services into the AVEVA business.
Key Responsibilities:
* Policy and Oversight: Performance of policy, standards, and exemption services to enable controls and supporting control practices to be embedded and optimized across the organization.
* Risk Management and Assurance: Build, operate, and optimize security risk management and risk assurance services that enable effective, and data-driven risk management and reporting across operations.
* Risk Assessment: Enable business stakeholders to identify and evaluate security risk effectively. Where complex group-wide risk assessments are required, lead the assessment and document lessons learned to enable continued optimization of procedures.
* Control Systems Management: Provide knowledge to business stakeholders to enable adoption, adaptation, and optimization of security controls across the organization.
* Supply Chain Security Risk Management: Build, operate, and optimize the supply chain security risk management service to enable effective management of supplier security risks across the organization.
Ideal Experience:
* Experience: Preferable 5+ years relevant work experience in security governance, risk, and compliance with at least 1 year of working as a senior specialist within a significant department.
* Analytics: Ability to dig into details as well as analyze data from a high-level view to identify patterns and continual improvements to risk and control position.
* Cybersecurity Frameworks: Proven experience of building risk management service and providing risk assurance services against industry governance frameworks across global enterprise, including 3rd Party Supply Chain.
* Communication: Proven experience of translating complex digital and technical cybersecurity risks using language and terms that resonate with the recipient.
* Ways of Working: Cross-functional partnership skills with a confirmed ability to lead multiple stakeholders with conflicting priorities in a fast and constantly changing environment.
Great Skills to Have:
* Customer Focused: Skilled in developing strong trusted customer relationships built on understanding their needs over time.
* Critical Thinking: Ability to think critically about risk procedures and take necessary actions to enhance their adoption and effective use across the organization.
* Creativity: Capable of tackling risk management challenges with innovative solutions and a fresh perspective.
* People Skills: Proven influencing skills that enable effective engagement with a diverse range of stakeholders.
* Knowledge of Business Technology and Digital Products: Stays current on regulations and understanding the impact of technology on the Digital Security services.
* Qualifications: A professional certification in governance or compliance, such as CRISC, CISM, CISSP, or equivalent.
* Education: A degree in a relevant field such as cyber security, risk management, information technology or related technical field.
Digital Security at AVEVA: Our Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure.
Hiring Process: Interested? Great! Get started by submitting your cover letter and CV through our application portal.
About AVEVA: AVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries.
#J-18808-Ljbffr