About the Role:
The primary purpose of this role is to manage and influence all aspects ofCyber Threat Intelligence and Vulnerability Management, but particularly in thedevelopment of the threat landscape to Drax. You’ll also assist in thedevelopment of Technical Controls in accordance with policy, standards andregulatory requirements.
You’ll help to develop and support senior management with the technicalcontrols and cyber threat intelligence skills within the group-wide securityteam and through the rollout of tools, technical controls, policies andprocedures, and coaching and mentoring. The role will also have responsibilityfor working with asset owners to ensure that they understand theirresponsibilities regarding risk and technical security controls.
You’ll deliver against the business strategy, the technical roadmap andobjectives set out in the Security strategy – covering group wide securityrequirements.
Additional responsibilities include:
- Supporting the definition of technical controls matrices, Security OperationsCentre (SOC) processes, industrial control matrices and architectural controls,providing oversight to other SMEs in support of their BAU activities andmaintaining accurate documentation and record keeping.
- Ensuring controls and risk treatment plans align with our policies andstandards.
- Leading threat intelligence and vulnerability management review meetings withkey stakeholders and provision of security representation at business unittechnical review and Senior Leadership Team (SLT) meetings as required.Effectively communicating all technical controls and mitigations.
- Continuing to develop and improve the Group Cyber Threat Intelligenceframework technical controls, industrial controls and architectural controlsincluding the effective management of the required documentation across theGroup.
- Recommending and implementing an appropriate toolkit for Cyber ThreatIntelligence.
- Technical control reporting.
- Researching threats, Indicators of Compromise (IoCs) and threat actorTactics, Techniques and Procedures (TTPs) to support Threat Hunting, SignatureDevelopment and Threat Intelligence Platform (TIP) processes.
- Providing strong technical oversight to deliver consistency and quality intechnical work across the Group.
- Participating in Audits, Technical Design Authority and Change AdvisoryBoards as required.
Who we’re looking for
This role requires the ability to interpret Cyber Threat Intelligence andtechnical controls and communicate effectively to all levels of theorganisation.
Ideally, you’ll have a good experience working within IT/OT in an operationalor corporate environment with a good knowledge of control frameworks such asISO27001, ITIL (Information Technology Infrastructure Library), NIST, SABSA andIEC 62443 and cyber kill chain.
You’ll have a good knowledge of Risk Management Methodologies such as ISO27005and IRAM2/security frameworks NIST/NIS CAF/IEC/SoGp Cyber Kill chain withstrong IT technical skills to support this knowledge.
You’ll also demonstrate strong communication (verbal and written) andstakeholder management skills, with the ability to take the initiative andhandle multiple projects simultaneously.
Rewards and benefits
As you help us to shape the future, we’ve shaped our rewards and benefits tohelp you thrive and support your lifestyle:
- Competitive salary
- Discretionary group performance-based bonus
- 25 days annual leave (plus Bank Holidays)
- Single cover private medical insurance
- Pension scheme
We’re committed to making a tangible impact on the climate challenge we allface. Drax is where your individual purpose can work alongside your careerdrive. We work as part of a team that shares a passion for doing what’s rightfor the future. With Drax you can shape your career and a future forgenerations to come.
Together, we make it happen.
At Drax, we’re committed to fostering an environment where everyone feelsvalued and respected, regardless of their role. To make this a reality, weactively work to better represent the communities we operate in, fosterinclusion, and establish fair processes. Through these actions, we build thetrust needed for all colleagues at Drax to contribute their perspectives andtalents, no matter their background. Find out more about our approach .
How to apply
Think this role’s for you? Click the ‘Apply now’ button to begin your Draxjourney.
If you want to find out more about Drax, check out our LinkedIn page to see ourlatest news.