Job Description

Security Risk and Compliance Lead (OT)

Flexible location - Glasgow, Ipswich, London, Selby

Permanent, full time

Closing date: Monday 11th August 2025

Who we are

We're not just talking about making a difference, we're making it happen. We generate dispatchable, renewable power and create stable energy in an uncertain world. Building on our proud heritage, we have ambition to become the global leader in sustainable biomass and carbon removals.



You'll be joining our teams of practical doers, future thinkers and business champions. We're enabling a zero carbon, lower cost energy future for all, and working hard to decarbonise the planet for generations to come.

About the role

This is an information security risk and compliance-based role, reporting into the Head of InfoSec, Governance, Risk and Compliance via the OT Risk and Compliance Manager. You'll be part of the Information Security, Governance, Risk and Compliance Team (IGRC) but will work closely but with a wide variety of business stakeholders including Engineering and Security teams cross-functionally.



You'll lead on all aspects of security risk management activity across the Group, but particularly in respect to our OT environments. This role will also assist in the delivery of Security Policy, Data Classification, and Compliance Management in accordance with business and regulatory requirements across the Group.



The role will deliver against the business strategy, the technical roadmap and the objectives set out in the Security strategy.



Responsibilities include:



Defining of Security risk assessment schedules, providing oversight to other authorised risk practitioners, conducting risk assessments, and maintaining accurate security risk records and risk reports. Ensuring controls and risk treatment plans align with our policies and standards. Leading security risk review meetings with key stakeholders and providing security representation at business unit risk review and Senior Leadership Team (SLT) meetings as required, effectively communicating all Security related risks and mitigations. Supporting with the develop and improve the Group Security Risk Management framework. Effectively liaising with regulators, auditors, Drax teams, consultants and contractors to deliver against agreed targets.

Who we're looking for

Ideally, you'll have experience leading within a risk management role and have a good knowledge of methodologies such as IEC 62443 and ISO 27005. Knowledge of control frameworks such as NIST, IEC 62443, ISO 27001, ITIL (Information Technology Infrastructure Library), and SABSA is also required.



You'll need to have a structured, methodical and accurate approach with the ability to interpret relevant industry regulations and standards. Ideally, you'll also be familiar with the development and maintenance of management systems.



This role requires strong communication and stakeholder management skills, with the ability to influence beyond your sphere of control.

Rewards and benefits

As you help us to shape the future, we've shaped our rewards and benefits to help you thrive and support your lifestyle:



Competitive salary 15% on-target discretionary group performance-based bonus 25 days annual leave (plus Bank Holidays) Single cover private medical insurance Pension scheme


We're committed to making a tangible impact on the climate challenge we all face. Drax is where your individual purpose can work alongside your career drive. We work as part of a team that shares a passion for doing what's right for the future. With Drax you can shape your career and a future for generations to come.



Together, we make it happen.



At Drax, we're committed to fostering an environment where everyone feels valued and respected, regardless of their role. To make this a reality, we actively work to better represent the communities we operate in, foster inclusion, and establish fair processes. Through these actions, we build the trust needed for all colleagues at Drax to contribute their perspectives and talents, no matter their background. Find out more about our approach here.

How to apply

Think this role's for you? Click the 'Apply now' button to begin your Drax journey.



If you want to find out more about Drax, check out our LinkedIn page to see our latest news.