Digital Security - Senior Manager, Security Risk & Assurance

AVEVA is creating software trusted by over 90% of leading industrial companies.

Position: Digital Security - Senior Manager, Security Risk & Assurance

Previous experience: Preferable 7+ years relevant work experience in security governance, risk, and compliance with at least 3 years of working as a senior expert or manager of a significant department. Experience of fulfilling similar role in a software publishing or internet business is preferable.

Location: London/Cambridge, United Kingdom (3 days at the office)

Employment type: Full-time regular (flexible working options available)

Benefits: Competitive salary; flexible benefits fund which can be utilised against over 20 benefits; pension scheme with up to 9% employer contribution; life insurance; income protection insurance; 28 days annual leave (plus bank holidays); 3 days paid volunteering.

The job

The Security Risk & Security Senior Manager is a senior member of the global security team whose primary role is to lead the development and continual improvement of the risk and assurance services provided by the Digital Security Team.

This role will be responsible for leading the development, implementation, operation, and optimisation of security risk management and assurance services into the AVEVA business. The post holder will establish clear risk appetites and enable business owners to manage their respective security risks including, supply chain, in-line with regulatory needs and board level appetite. Experience of developing and operationalising these services and fulfilling a second line of defence risk management and assurance role, is essential.

Key responsibilities

The role is expected to provide deep and specialised subject matter expert (SME) knowledge and thought leadership on the follow matters:

• Risk Management and Assurance: Develop, implement and operate a security risk management and assurance framework and associated services

• Control Systems Management: Provide knowledge to business stakeholders to enable adoption, adaption, and optimisation of security controls across the organisation

• Supply Chain Security Risk Management: Build, operate, and optimise the supply chain security risk management service to enable effective management of supplier security risks across the organisation

• Stakeholder Engagement: Build and maintain trusted relationships with stakeholders to embed security risk practices into operational activities. This includes providing guidance and thought leadership on risk best practice and assurance to technical and non-technical stakeholders

• Operational Management: Lead operational service and team planning to deliver effective and efficient services. Recruit, train, mentor, and supervise team members to build a competent professional skilled team with clear career pathways for members

• Senior Leadership: Provide risk management consultation and thought leadership to executives to set and enable Digital Security GRC strategy

Ideal experience

• Experience: Preferable 7+ years relevant work experience in security governance, risk, and compliance with at least 3 years of working as a senior expert or manager of a significant department. Experience of fulfilling similar role in a software publishing or internet business is preferable

• Leadership: Significant experience leading teams, projects, and day-to-day operations focussed on security risk assurance with preference for experience obtained in a software or internet service organisation

• Risk Management and Assurance: Extensive experience of understanding of using threat, security control performance and business operations to independently assess residual security risk position to the end customer based on business processes and practices including product development lifecycle and supply chain

• Cybersecurity Frameworks: Significant experience of building risk management service and providing risk assurance services against industry governance frameworks across global enterprise

Great skills to have

• Customer Focussed: Skilled in developing strong trusted customer relationships built on understanding their needs over time and delivering what’s promised

• Critical Thinking: Ability to think critically about risk procedures and take necessary actions to enhance their adoption and effective use across the organisation

• Creativity: Capable of tackling risk management challenges with innovative solutions and a fresh perspective

• People Skills. Proven influencing skills that enable effective engagement with a diverse range of stakeholders to enable win/win situations. Experienced in managing conflicting priorities, multiple tasks, and working within a matrix manged environment to achieve successful outcomes

• Knowledge of Business Technology and Digital Products: Stays current on regulations and understanding the impact of technology on the Digital Security services and the organisations security risk control positions

• Qualifications: A professional certification in governance or compliance, such as CRISC, CISM, CISSP, or equivalent

• Education: A degree in a relevant field such as cyber security, risk management, information technology or related technical field

Digital Security at AVEVA

Our Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure. We’re also playing a critical role in AVEVA’s move to the cloud.

As cyber threats grow and more and more data moves into the cloud, the importance of our role is only going to grow. If you’re a collaborative problem solver that’s passionate about cybersecurity, you’ll find fulfilment and opportunity in our team.

UK Benefits include:  

Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program.

It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive.

Find out more: aveva.com/en/about/careers/benefits/

Hybrid working

By default, employees are expected to be in their local AVEVA office three days a week, but some positions are fully office-based. Roles supporting particular customers or markets are sometimes remote.

Hiring process

Interested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process.

Find out more: aveva.com/en/about/careers/hiring-process

About AVEVA

AVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals, and minerals – safely, efficiently, and more sustainably.

We are committed to embedding sustainability and inclusion into our operations, our culture, and our core business strategy. Learn more about how we are progressing against our ambitious 2030 targets: sustainability-report.aveva.com/

Find out more: aveva.com/en/about/careers/

AVEVA requires all successful applicants to undergo and pass a drug screening and comprehensive background check before they start employment. Background checks will be conducted in accordance with local laws and may, subject to those laws, include proof of educational attainment, employment history verification, proof of work authorization, criminal records, identity verification, credit check.  Certain positions dealing with sensitive and/or third-party personal data may involve additional background check criteria.

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business.  AVEVA provides reasonable accommodation to applicants with disabilities where appropriate. If you need reasonable accommodation for any part of the application and hiring process, please notify your recruiter. Determinations on requests for reasonable accommodation will be made on a case-by-case basis.