Do you want to make an impact within a growing, ambitious IT department? Do you have experience in implementing and maintaining information security risk assessment, risk management and risk treatment policies?
If so, this is the opportunity for you!
Opus Energy, part of the Drax group, is a leading independent supplier of gas and electricity to businesses across the UK. With over 315,000 customers and circa 900 employees spread across modern offices in Oxford, Northampton and Cardiff, we’re a dynamic and innovative organisation. Due to continued growth in our IT department we are looking to recruit an IT Risk and Compliance Manager to join our team in Northampton.
In this role you will work closely with Business Change to ensure that projects have structured risk governance, making sure risks are controlled and managed and risk treatment is implemented in a consistent and auditable manner, in accordance with company policy. The post holder will be responsible for ensuring IT project teams have appropriate risk management and risk treatment controls embedded within their delivery schedule.
You will provide direction in respect of risk assessment, risk management, good practice compliance, governance and risk treatment and document and roll out IT risk management policy for compliance and governance across IT, projects and support audits, technical design authority and change advisory boards. You'll provide strong central oversight to deliver consistency and quality in risk management compliance work across the IT function, Drax group and wider business including the supply chain.
You will lead the quarterly risk meetings with key stakeholders, communicating all IT-related business risk and mitigation, and be responsible for driving the delivery of mandatory risk management requirements to support compliance with the Smart Energy Code (SEC), as well as being responsible for representing Opus Energy during regulatory compliance audits and providing compliance evidence requirements to regulatory audit and inspection teams. Importantly, you'll perform information security risk assessments in compliance with ISO 27005.
You will need a professional certification in risk management (e.g. IRM, ISACA, etc.) or equivalent academic qualification and experience of delivering regulatory risk management compliance activities (ISO27005, SEC, or similar regulatory requirements).
If this sounds of interest and you want to join a rapidly expanding IT department during an exciting period, we look forward to hearing from you.
If you have experience in IT security, risk and compliance and are looking for a new challenge then this could be the perfect role for you.
You’d be joining a team of dedicated security and risk specialists in an organisation that provides a nationally significant asset to the UK’s electricity supply. By joining Drax you’ll be joining a business that recognises the importance of security and risk management, and an organisation that is really making a difference. We provide over 11% of the UK’s renewable energy supply and are looking to do more. We’ve moved 4 of our coal units over to sustainable wood pellets and have plans to bring the last two off coal well ahead of the government deadline of 2025 with ambitious re-powering projects.
As you’d expect we have a high level of investment in security and look to leading edge tools to protect our business and you’d be developing the compliance knowledge and skills within the wider IT team by rolling out tools, policies, procedures, training and coaching and mentoring. You’ll ensure IT project teams have risk management and risk treatment controls embedded into their delivery schedules.
You’ll also support the continual improvement of the group security framework, policies and standards, keeping an eye on compliance to relevant regulations. You’ll be able to engage and influence within our business units but provide central oversight to ensure consistency across our group.
You’ll need a professional risk management certification, such as IRM, ISACA or an equivalent academic qualification and a recognised security certification, coupled with experience in delivering regulatory risk management compliance activities and working with a range of stakeholders.
You’ll need to be able to influence and communicate well across the board to lead meetings, forums, audits and training. You’ll need to be flexible to travel across our network of office bases across the UK.
Apply today to bring your specialist experience to a new and rewarding opportunity at Drax. And in our experience once you get bitten by the Drax bug, you’ll find it hard to shake. We’re a unique business in a complicated industry, and you’ll be hard pressed to find another place to work like ours.