Are you a Security, Risk & Compliance Analyst looking for a role where your work actually shapes the ISMS rather than just maintaining it?
Our key client, a CXaaS business, has asked us to exclusively support them with hiring a Security, Risk & Compliance Analyst to act as the empowered deputy to their CISO. You'll be the senior security voice on a major Central Government contract from day one, with a clear runway to expand into wider client work and new business as the function grows.
They've been voted a "Great Place To Work" and partner with industry giants like Zendesk, Amazon, NICE and Calabrio to help businesses build seamless customer connections using the latest contact centre technology.
This is a role with real visibility. You'll be interfacing directly with Client Security Leads, supply chain partners and external auditors, owning the evidence trail across ISO27001, ITHC, pen testing and SC+. They're truly focused on career development, will put you through training and certifications (CISSP being a likely target), and back you to specialise in the direction you want to take it.
North Bristol, Hybrid role.
The role:
You'll sit close to the CISO and deputise where needed, owning the security, risk and compliance posture for a flagship Central Government engagement and the wider ISMS development.
* Interface with Client Security Leads, suppliers and partners to identify, manage and remediate risk
* Develop the company and service-level ISMS, working closely with supply chain partners
* Lead audit evidence and assurance work across ISO27001, ITHC, pen tests, vulnerability scans and SC+
* Produce low-level and detailed security review and assurance collateral
* Support DR and BCP testing, plus both simulated and real-world incident response
* Deliver project work across new client stand-ups, ISQs and ongoing security management
What will help you succeed in this role?
* Minimum 2 years in Security, Risk & Compliance, with hands-on audit prep and direct auditor engagement (Public Sector or BPO experience is a plus)
* Sound working knowledge of ISO27001/2, ISO22301, PCI-DSS v4.0, Cyber Essentials+, ITHC and GDPR (ITIL, ISO42001 and ISO31000 awareness welcomed)
* Self-starting, comfortable communicating compliance issues in clear actionable terms to stakeholders at every level
The salary & benefits:
* Salary of £45,000–£50,000
* 25 days annual leave (increasing to 30 with tenure)
* Pension scheme: 5% employee + 4% employer (scaling to 9% + 8% matched)
* Genuine investment in certifications and career development
#J-18808-Ljbffr