Security Governance and Compliance Analyst
Looking for a Security Governance & Compliance Analyst to join our Cyber Security team within the Technology directorate.

Reporting to the Security Compliance Manager, you'll play a key role in supporting the organisation's cyber security governance, risk, and compliance activities. In this role, you'll help ensure that effective security policies, standards, and controls are implemented and maintained across the organisation.

You'll contribute to protecting the confidentiality, integrity, and availability of information systems while supporting compliance with recognised standards. Working closely with Security Operations, Cyber Assurance, and wider technology teams, you'll help embed governance processes across projects, operational services, and third-party relationships - making a real impact on how we manage and reduce cyber risk.

We're looking for someone who lives our values: determined to make a difference, a trusted expert, committed to working better together, and showing genuine compassion.

About you:

You're detail-oriented, proactive, and passionate about cyber security governance and risk management. You enjoy working collaboratively across teams and can confidently communicate complex security concepts to a range of stakeholders. You're motivated to continuously learn and stay up to date with evolving cyber security standards, legislation, and best practices. You take ownership of your work and are committed to maintaining high standards of accuracy, compliance, and professionalism.

You'll have:
- Experience supporting cyber security governance, risk, and compliance activities
- Knowledge of security frameworks and standards such as ISO27001, Cyber Essentials Plus, and PCI-DSS
- Understanding of risk management processes and maintaining risk registers
- Experience supporting audits, assurance reviews, and certification activities
- Ability to interpret and apply security policies, standards, and control frameworks
- Strong communication skills with the ability to engage both technical and non-technical stakeholders
- Experience working collaboratively across technology and business teams
- A commitment to data protection, confidentiality, and organisational policies

What you'll focus on:
- Supporting the development and maintenance of cyber security policies, standards, and procedures
- Maintaining and updating the cyber security risk register, ensuring risks are tracked through to resolution
- Identifying and assessing risks linked to new systems, projects, and technology changes
- Supporting compliance with cyber security standards, regulations, and data protection requirements
- Assisting with internal and external audits, certification activities, and assurance reviews
- Collecting and managing evidence for compliance and certification purposes
- Monitoring adherence to policies and identifying areas for improvement
- Supporting third-party and supplier security assurance activities
- Producing governance reports, dashboards, and briefings for stakeholders
- Communicating cyber security risks and governance issues across the organisation
- Promoting awareness of cyber security governance and risk management practices

Important Dates
The deadline for applications will be at 23:59 on 21st April 2026. Interviews will begin 5th/6th May and will take place virtually.
- Location: United Kingdom
- Job Type: Full Time
- Category: Finance; IT