Werelooking for a Security Governance & Compliance Analyst to join our Cyber Security team within the Technology directorate.Reporting to the Security Compliance Manager,youllplay a key role in supporting the organisations cyber security governance, risk, and compliance activities.

In this role,youllhelp ensure that effective security policies, standards, and controls are implemented andmaintainedacross the organisation.Youllcontribute to protecting the confidentiality, integrity, and availability of information systems while supporting compliance with recognised standards.

Working closely with Security Operations, Cyber Assurance, and wider technology teams,youllhelp embed governance processes across projects, operational services, and third-party relationships -making a real impact on how we manage and reduce cyber risk.

Werelooking for someone who lives our values: determined to make a difference, a trusted expert, committed to working better together, and showing genuine compassion.

About you:

Youredetail-oriented, proactive, and passionate about cyber security governance and risk management.You enjoy working collaboratively across teams and can confidently communicate complex security concepts to a range of stakeholders.

Youremotivated to continuously learn and stay up to date with evolving cyber security standards, legislation, and best practices.You take ownership of your work and are committed tomaintaininghigh standardsof accuracy, compliance, and professionalism.

• Experience supporting cyber security governance, risk, and compliance activities
  
• Knowledge of security frameworks and standards such as ISO27001, Cyber Essentials Plus, and PCI-DSS
  
• Understanding of risk management processes and maintaining risk registers
  
• Experience supporting audits, assurance reviews, and certification activities
  
• Ability to interpret and apply security policies, standards, and control frameworks
  
• Strong communication skills with the ability to engage both technical and non-technical stakeholders
  
• Experience working collaboratively across technology and business teams
  
• A commitment to data protection, confidentiality, and organisational policies

• Supporting the development and maintenance of cyber security policies, standards, and procedures
• Maintaining and updating the cyber security risk register, ensuring risks are tracked through to resolution
• Identifying and assessing risks linked to new systems, projects, and technology changes
  xbpsjku
• Supporting compliance with cyber security standards, regulations, and data protection requirements
  
• Assisting with internal and external audits, certification activities, and assurance reviews
• Collecting and managing evidence for compliance and certification purposes
• Monitoring adherence to policies and identifying areas for improvement
• Supporting third-party and supplier security assurance activities
• Producing governance reports, dashboards, and briefings for stakeholders
• Communicating cyber security risks and governance issues across the organisation
• Promoting awareness of cyber security governance and risk management practices

• The deadline for applications will be at 23:59 on 21st April 2026
• Interviews will begin 5th/ 6th May and will take place virtually.