Director, Information Security – Assurance

Company: AVEVA
Apply for the Director, Information Security – Assurance
Location: London
Job Description:

Job Title

Director, Information Security – Assurance

Location

Cambridge, UK

Employment type

Full‑time regular

Previous Experience

10+ years in information security with at least 5 years in a senior role biased towards building audit/assurance capability, not just running it. Proven track record of building and leading assurance or audit teams in complex, international and multi‑stakeholder environments. Experience designing and operating controls assurance programmes spanning IT, cloud, and product security domains, with direct exposure to external audit and certification processes (ISO 27001, SOC 2).

The Job

The Director, Information Security – Assurance leads AVEVA’s Security Assurance function within the central Digital Security organization. The role is accountable for independently testing whether AVEVA’s security controls are operating as designed, providing objective evidence to support risk assurances given to AVEVA leadership and Schneider Electric, and connecting assurance findings directly to the risk register and governance process.

Key Responsibilities

Operating as the central second‑line assurance function, the Director provides independent testing and validation of controls across all federated teams. Assurance findings feed directly into the GRC risk register and governance process, supporting external audit and certification programmes ensuring AVEVA can evidence its security posture to customers, regulators, and Schneider Electric.

Controls Assurance Programme

  • Design and lead a continuous controls assurance programme that independently tests whether security controls across all federated teams are operating effectively against policy objectives and centrally defined standards.
  • Drive automation to shift from periodic point‑in‑time reviews to ongoing, evidence‑based control monitoring.

Independent Testing & Technical Review

  • Commission and oversee in‑depth technical assurance activities including penetration testing, configuration reviews, and control effectiveness assessments.
  • Provide objective, evidence‑based findings across the AVEVA digital estate — covering IT, cloud, product, and R&D environments.

Audit & Compliance Readiness

  • Own the security evidence library and lead coordination of external audit and certification processes (ISO 27001, SOC 2).
  • Leverage proactive assurance activity to build continuous audit readiness rather than reactive preparation, reusing assurance evidence to reduce duplication of effort.

Control Weakness & Remediation

  • Identify control weaknesses and coverage gaps across the AVEVA estate, including areas where controls are under‑deployed, misconfigured, or ineffective against the threat landscape.
  • Drive remediation tracking through the GRC risk register and report progress to the CISO and leadership.

Assurance Reporting

  • Provide high‑quality, evidence‑based assurance reporting to the CISO, AVEVA Executive Team, and Schneider Electric Group Security.
  • Translate technical findings into clear, actionable risk insight that directly informs governance decisions and the enterprise risk register.

People and Functional Leadership

  • Build and develop a high‑performing Assurance team with a culture of rigour, intellectual curiosity, and continuous improvement.
  • Set clear objectives, invest in professional development, and act as a visible advocate for the Assurance function across AVEVA and Schneider Electric.
  • Lead both direct reports and indirects to drive strategic alignment and output, setting and maintaining high standards as a member of the Digital Security Senior Leadership Team.
  • Navigate ambiguity and make tough decisions—ranging from structural re‑organisations and budgetary choices to talent optimisation—while maintaining team morale, transparency, and a people‑first culture in accordance with AVEVA’s values.

Skills and Experience

  • 10+ years in information security with at least 5 years in a senior role biased towards building audit/assurance capability.
  • Deep expertise in control testing methodologies, assurance frameworks, and security audit practices across ISO 27001, SOC 2, NIST CSF, NIS2, and IEC 62443.
  • Strong technical breadth across IT security, cloud security and application security, sufficient to design and oversee effective control testing across a diverse and distributed estate.
  • Experience designing and operating controls assurance programmes in complex, multi‑stakeholder environments ideally spanning IT, cloud, and product security domains.
  • Proven track record of building and leading assurance or audit teams in complex, international and multi‑stakeholder environments. Experience leading leaders is advantageous.
  • Experience owning or leading external audit and certification processes (ISO 27001, SOC 2) including evidence gathering, auditor management, and remediation tracking.
  • Reporting assurance findings and control weaknesses to executive leadership and parent company governance structures.
  • Driving automation in assurance testing and evidence gathering workflows to improve programme scalability.
  • Experience operating in regulated markets with direct exposure to compliance frameworks (ISO 27001, NIS2, IEC 62443, SOC 2).
  • Execution bias; demonstrated ability to act tactically while innovating next generation solutions.
  • Rational empathy; demonstrated experience in aligning security imperatives with the goals and values of the organisation.
  • Natural collaborator; demonstrated experience delivering joined‑up solutions across security disciplines and with federated partners.
  • Data literate, automation biased, operationally fluent.
  • Excellent assurance reporting skills; able to translate technical findings into clear, evidence‑based risk narratives for executive, audit, and regulatory audiences.

Desired/Preferred

  • Industrial software, OT/ICS security, or technology companies serving critical infrastructure or highly regulated industries.
  • Working within a large enterprise group security governance structure as a subsidiary security leader.
  • Working with AI and machine learning applications in security assurance and automated control testing.
  • Professional certifications: CISSP, CISA, CISM, or ISO 27001 Lead Auditor.
  • Commercial acumen and working knowledge of cloud security, DevSecOps, and Agile delivery practices.
  • Experience in a federated, matrixed, or multi‑subsidiary structure.

Competencies

  • Adaptable and resilient: Thrives in dynamic environments; maintains strategic focus through regulatory change and organisational evolution.
  • Practical and logical: Structured thinking with a bias toward pragmatic, implementable solutions.
  • Self‑motivated and decisive: Comfortable making and owning decisions in ambiguous situations.
  • Collaborative and influential: Earns influence through credibility and expertise; builds trusted relationships across federated teams and leadership.
  • Transparent and courageous: Surfaces difficult assurance findings and brings problems to leadership without softening the message.
  • Curious and growth‑oriented: Continuously learning about emerging threats, evolving control landscapes, and improvements in assurance automation and tooling.

UK Benefits

  • Flexible benefits fund
  • Emergency leave days
  • Adoption leave
  • 28 days annual leave (plus bank holidays)
  • Pension
  • Life cover
  • Private medical insurance
  • Parental leave
  • Education assistance programme

Hybrid Working

We work in a hybrid way at AVEVA. Most roles are based at a local AVEVA office, with an expectation of being on‑site 50% of your working hours to support collaboration and connection. Some positions are fully office‑based depending on the nature of the work, and certain roles that support specific customers or markets may be remote. The working arrangement for this position will be confirmed during the hiring process.

Equal Opportunity Statement

AVEVA is an Equal Opportunity Employer. We are committed to being an exemplary employer with an inclusive culture, developing a workplace environment where all our employees are treated with dignity and respect. We value diversity and the expertise that people from different backgrounds bring to our business. AVEVA provides reasonable accommodation to applicants with disabilities where appropriate. If you need reasonable accommodation for any part of the application and hiring process, please notify your recruiter. Determinations on requests for reasonable accommodation will be made on a case‑by‑case basis.

#J-18808-Ljbffr…

Posted: June 20th, 2026
Popular Searches
Jobs by Sector
Jobs by Location

Admin jobs | Airport jobs | Amazon Driver jobs | Amazon Warehouse Operative jobs | Apprentice Electrician jobs | Apprenticeship jobs | Bricklaying jobs | Business Analyst jobs | Business Development Manager jobs | Care Assistant jobs | Care Home jobs | Caregiver jobs | Civil Service jobs | Class 1 Driver jobs | Cleaner jobs | Cleaning jobs | Council jobs | Cyber Security jobs | Data Analyst jobs | Data Entry jobs | Data Scientist jobs | Delivery Driver jobs | Digital Marketing jobs | Driver jobs | Driving jobs | Electrician jobs | Graphic Designer jobs | Healthcare Assistant jobs | HGV Class 2 Driver jobs | HGV Driver jobs | HGV jobs | HGVClass 1 Driver jobs | Hospital jobs | Housing jobs | Immediate Start jobs | It Consultant jobs | It Support jobs | Jobs for 16 Year Olds | Joiner jobs | Labourer jobs | Management jobs | NHS jobs | Night Shift jobs | Offshore jobs | Online jobs | Paralegal jobs | Personal Assistant jobs | Project Manager jobs | Receptionist jobs | Sales Assistant jobs | Scrum Master jobs | Security Guard jobs | Security jobs | Security Officer jobs | SEO jobs | Support Worker jobs | Teaching Assistant jobs | Van Driver jobs | Warehouse jobs | Warehouse Operative jobs | Web Designer jobs | Weekend jobs | Work From Home jobs

Accountancy jobs | Administration jobs | Advertising jobs | Aerospace jobs | Apprenticeships jobs | Automotive jobs | Banking jobs | Call Centre jobs | Catering jobs | Charity jobs | Construction jobs | Creative jobs | Customer Service jobs | Digital jobs | Education jobs | Engineering jobs | Finance jobs | FMCG jobs | Graduate jobs | Healthcare jobs | Hospitality jobs | HR jobs | Insurance jobs | IT jobs | Legal jobs | Leisure jobs | Logistics jobs | Management Consultancy jobs | Manufacturing jobs | Marketing jobs | Media jobs | Nursing jobs | Oil and Gas jobs | PA jobs | Part time jobs | Pharmaceutical jobs | PR jobs | Property jobs | Public Sector jobs | Recruitment Sales jobs | Renewable Energy jobs | Retail jobs | Sales jobs | Science jobs | Secretarial jobs | Senior Appointments jobs | Social Work jobs | Teaching jobs | Telecoms jobs | Temporary jobs | Tourism jobs | Transport jobs | Travel jobs | Utilities jobs | Wholesale jobs

Jobs in Aberdeen | Jobs in Belfast | Jobs in Birmingham | Jobs in Bolton | Jobs in Bournemouth | Jobs in Bradford | Jobs in Bristol | Jobs in Cambridge | Jobs in Cardiff | Jobs in Cornwall | Jobs in Coventry | Jobs in Derby | Jobs in Devon | Jobs in Doncaster | Jobs in Dundee | Jobs in East Anglia | Jobs in East Midlands | Jobs in Edinburgh | Jobs in Essex | Jobs in Exeter | Jobs in Glasgow | Jobs in Hull | Jobs in Inverness | Jobs in Ipswich | Jobs in Isle Of Wight | Jobs in Kent | Jobs in Leeds | Jobs in Leicester | Jobs in Liverpool | Jobs in London | Jobs in Luton | Jobs in Manchester | Jobs in Middlesbrough | Jobs in Milton Keynes | Jobs in Newcastle Upon Tyne | Jobs in Newport, Gwent | Jobs in North East | Jobs in North West | Jobs in Northampton | Jobs in Northern Ireland | Jobs in Norwich | Jobs in Nottingham | Jobs in Peterborough | Jobs in Plymouth | Jobs in Reading | Jobs in Scotland | Jobs in Sheffield | Jobs in South East | Jobs in South West | Jobs in Southampton | Jobs in Stoke On Trent | Jobs in Sunderland | Jobs in Surrey | Jobs in Swansea | Jobs in Swindon | Jobs in Telford | Jobs in Wales | Jobs in Wolverhampton | Jobs in Wrexham | Jobs in York | Jobs in Yorkshire