
Information Security Compliance Analyst

Reed
Posted 5 days ago, valid for 15 days
Location: Hatfield, Hertfordshire AL96DD, England

Contract type: Full Time

Health Insurance
Life Insurance

In order to submit this application, a Reed account will be created for you. As such, in addition to applying for this job, you will be signed up to all Reed’s services as part of the process. By submitting this application, you agree to Reed’s Terms and Conditions and acknowledge that your personal data will be transferred to Reed and processed by them in accordance with their Privacy Policy.

Sonic Summary

  • The Information Security Compliance Analyst position is a 12-month fixed-term contract located in Hatfield, UK.
  • The successful candidate will be responsible for maintaining compliance with ISO 27001:2022 and other relevant regulations, conducting risk assessments, and managing information security programs.
  • Candidates should have demonstrable experience in Information Security, IT Governance, Risk, and Compliance roles, with a strong emphasis on maintaining an ISO 27001 compliant management system.
  • The role offers a competitive salary based on experience, along with benefits such as 24 days of holiday, a 10% annual discretionary bonus, and health insurance.
  • Applicants are expected to have relevant certifications, including ISO 27001:2022 Lead Implementer/Auditor certification, and strong communication skills.
Information Security Compliance Analyst
  • Location: Hatfield, UK
  • Job Type: 12 Month Fixed Term Contract (Salaried)

A new exciting permanent role for an Information Security Compliance Analyst to support the development and maintenance of an EMEA-wide information security management system. The successful candidate will ensure the continued certification of their ISO 27001:2022 management system and maintain compliance with all relevant legislation and regulations.

Day-to-Day of the Role:
  • Conduct information security, information system, and compliance-based risk assessments, evaluate responses, and recommend risk treatment actions.
  • Develop and execute risk mitigation plans in conjunction with relevant internal and external stakeholders/groups to agreed timescales, following through to completion.
  • Support the creation, implementation, and maintenance of information security policies and standards in accordance with ISO 27001 and other relevant frameworks (NIST CSF, IEC 62443, CIS, GDPR, etc.).
  • Maintain the department’s information security procedures, including incident response and business continuity management, conducting tabletop exercises to evaluate effectiveness.
  • Manage the information security awareness training program to ensure all employees comply with applicable security policies, procedures, laws, and regulations.
  • Manage information security programs to ensure compliance with legal and regulatory requirements.
  • Monitor, analyse, and report on information security-based management metrics.
  • Perform comprehensive third-party information security due diligence assessments, report on results, recommend remediation activities, and ensure security clauses are included in contracts as relevant.
  • Support information security and compliance audits within the department.
Required Skills & Qualifications:
  • Degree level qualified or equivalent - highly desirable.
  • CISM, CRISC, or other relevant certification - highly desirable.
  • ISO 27001:2022 Lead Implementer/Auditor certification - essential.
  • Demonstrable experience in Information Security, IT Governance, Risk, and Compliance roles, including maintaining an ISO 27001 compliant management system.
  • Extensive knowledge of industry standard frameworks and best practices (ISO 27001:2022, ISO 27002:2022, ISO 27005, ISO 31000, NIST).
  • Experience in conducting information security risk assessments and developing, implementing, managing, and maintaining Information Security policies, controls, standards, and procedures.
  • Experience in project managing Information Security, Data Protection & Compliance initiatives.
  • Strong communication skills (written & verbal in English) including the ability to inform, influence and present at all levels of the organisation.
Benefits:
  • Competitive salary (dependent on experience)
  • Holiday Allowance: 24 days (not including bank holidays)
  • Annual Discretionary Bonus: 10%
  • Pension: Up to 5% Employee, 10% Employer
  • Health Insurance: Aviva - employee only (family members through discounted monthly payroll deduction if required)
  • Dental Insurance: Unum - employee only (family members through discounted monthly payroll deduction if required)
  • Life Assurance: 4 x Basic salary
  • Hybrid working: 50% of working time
  • Subsidised onsite restaurant and coffee shop
  • Learning and development opportunities, including Leadership programmes

To apply for the Information Security Compliance Analyst role, please submit your updated CV to be considered.
