Digital Security - Director, Security GRC
AVEVA
At AVEVA, we work with you and harness the power of our ecosystem, to deliver solutions and expertise to optimize engineering, operations and performance. AVEVA is creating software trusted by over 90% of leading industrial companies. The job The Director for Security GRC (Governance, Risk and Compliance) is a leader of the global security team whose primary role is to lead the development and continual improvement of the governance, risk, and compliance services provided by the Digital Security Team. This role will be responsible for leading the integration of the governance and compliance services into the AVEVA business and digital services and therefore experience of developing and operationalising these services is essential. The post holder will drive the development and delivery of the core security governance and compliance offering that materially uplift the organisation’s security performance and is responsible for the day-to-day management of the governance, risk, and compliance deliverables and management of direct reports in the team. Responsibilities Provide deep and specialised subject matter expert (SME) knowledge and thought leadership on the following matters: Delivery & Strategy Assurance:
Build, operate, and optimise oversight services that enable effective and efficient delivery of Digital Security strategy and programmes of work. Policy and Oversight:
Performance of policy, standards, and exemption services to enable controls and supporting control practices to be embedded and optimised across the organisation. Compliance and Certification:
Build, operate, oversee, and optimise evidence-based cybersecurity compliance and certification services that evaluate the security control position of business processes and practices used by the organisation. Operational Management:
Lead operational service and team planning to deliver effective and efficient services. Recruit, train, mentor, and supervise team members to build a competent professional skilled team with clear career pathways for members. Provide GRC consultation to executives and thought leadership and complete work tasks to set and enable Digital Security GRC strategy. Skills and qualifications Preferred skills Experience:
Preferable 10+ years relevant work experience in security governance, risk, and compliance with at least 3 years of working as a director or equivalent of a significant department. Extensive experience of fulfilling a similar role in a software publishing or internet business is preferable. Leadership:
Extensive experience overseeing multiple teams or departments providing high-level direction and collaborative leadership focused on security governance risk and compliance with preference for experience obtained in a software or internet service organisation. Regulatory Compliance:
Extensive experience of working within a global regulated environment and advising others on the principal requirements of major legislation and regulations relevant to security, and the legal and regulatory instruments relevant to the role. Desired skills Customer Focused:
Skilled in developing strong trusted customer relationships built on understanding their needs over time and delivering what’s promised. Creativity:
Capable of tackling risk management challenges with innovative solutions and a fresh perspective. People Skills:
Proven influencing skills that enable effective engagement with a diverse range of stakeholders to enable win/win situations. Experienced in managing conflicting priorities, multiple tasks, and working within a matrix managed environment to achieve successful outcomes. Knowledge of Business Technology and Digital Products:
Stays current on regulations and understanding the impact of technology on the Digital Security services and the organisations security risk control positions. Qualifications:
A professional certification in governance or compliance, such as CISA, CISM or equivalent. Education:
A degree in a relevant field such as cyber security, risk management, information technology or related technical field. Digital Security at AVEVA Our Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure. We’re also playing a critical role in AVEVA’s move to the cloud. As cyber threats grow and more and more data moves into the cloud, the importance of our role is only going to grow. If you’re a collaborative problem solver that’s passionate about cybersecurity, you’ll find fulfilment and opportunity in our team. UK Benefits include: Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program. It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive. Hiring process Interested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process. About AVEVA AVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals, and minerals – safely, efficiently, and more sustainably. We are committed to embedding sustainability and inclusion into our operations, our culture, and our core business strategy.
#J-18808-Ljbffr
AVEVA
At AVEVA, we work with you and harness the power of our ecosystem, to deliver solutions and expertise to optimize engineering, operations and performance. AVEVA is creating software trusted by over 90% of leading industrial companies. The job The Director for Security GRC (Governance, Risk and Compliance) is a leader of the global security team whose primary role is to lead the development and continual improvement of the governance, risk, and compliance services provided by the Digital Security Team. This role will be responsible for leading the integration of the governance and compliance services into the AVEVA business and digital services and therefore experience of developing and operationalising these services is essential. The post holder will drive the development and delivery of the core security governance and compliance offering that materially uplift the organisation’s security performance and is responsible for the day-to-day management of the governance, risk, and compliance deliverables and management of direct reports in the team. Responsibilities Provide deep and specialised subject matter expert (SME) knowledge and thought leadership on the following matters: Delivery & Strategy Assurance:
Build, operate, and optimise oversight services that enable effective and efficient delivery of Digital Security strategy and programmes of work. Policy and Oversight:
Performance of policy, standards, and exemption services to enable controls and supporting control practices to be embedded and optimised across the organisation. Compliance and Certification:
Build, operate, oversee, and optimise evidence-based cybersecurity compliance and certification services that evaluate the security control position of business processes and practices used by the organisation. Operational Management:
Lead operational service and team planning to deliver effective and efficient services. Recruit, train, mentor, and supervise team members to build a competent professional skilled team with clear career pathways for members. Provide GRC consultation to executives and thought leadership and complete work tasks to set and enable Digital Security GRC strategy. Skills and qualifications Preferred skills Experience:
Preferable 10+ years relevant work experience in security governance, risk, and compliance with at least 3 years of working as a director or equivalent of a significant department. Extensive experience of fulfilling a similar role in a software publishing or internet business is preferable. Leadership:
Extensive experience overseeing multiple teams or departments providing high-level direction and collaborative leadership focused on security governance risk and compliance with preference for experience obtained in a software or internet service organisation. Regulatory Compliance:
Extensive experience of working within a global regulated environment and advising others on the principal requirements of major legislation and regulations relevant to security, and the legal and regulatory instruments relevant to the role. Desired skills Customer Focused:
Skilled in developing strong trusted customer relationships built on understanding their needs over time and delivering what’s promised. Creativity:
Capable of tackling risk management challenges with innovative solutions and a fresh perspective. People Skills:
Proven influencing skills that enable effective engagement with a diverse range of stakeholders to enable win/win situations. Experienced in managing conflicting priorities, multiple tasks, and working within a matrix managed environment to achieve successful outcomes. Knowledge of Business Technology and Digital Products:
Stays current on regulations and understanding the impact of technology on the Digital Security services and the organisations security risk control positions. Qualifications:
A professional certification in governance or compliance, such as CISA, CISM or equivalent. Education:
A degree in a relevant field such as cyber security, risk management, information technology or related technical field. Digital Security at AVEVA Our Digital Security team is responsible for protecting AVEVA’s digital assets and keeping the company’s data and IP secure. We’re also playing a critical role in AVEVA’s move to the cloud. As cyber threats grow and more and more data moves into the cloud, the importance of our role is only going to grow. If you’re a collaborative problem solver that’s passionate about cybersecurity, you’ll find fulfilment and opportunity in our team. UK Benefits include: Flexible benefits fund, emergency leave days, adoption leave, 28 days annual leave (plus bank holidays), pension, life cover, private medical insurance, parental leave, education assistance program. It’s possible we’re hiring for this position in multiple countries, in which case the above benefits apply to the primary location. Specific benefits vary by country, but our packages are similarly comprehensive. Hiring process Interested? Great! Get started by submitting your cover letter and CV through our application portal. AVEVA is committed to recruiting and retaining people with disabilities. Please let us know in advance if you need reasonable support during your application process. About AVEVA AVEVA is a global leader in industrial software with more than 6,500 employees in over 40 countries. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life – such as energy, infrastructure, chemicals, and minerals – safely, efficiently, and more sustainably. We are committed to embedding sustainability and inclusion into our operations, our culture, and our core business strategy.
#J-18808-Ljbffr
