At Pennon Group, we’re proud to be leading the way in the water and renewables industries. Alongside our subsidiaries - South West Water, Bristol Water, Bournemouth Water, SES Water, Pennon Water Services and Pennon Power - we’re committed to delivering a sustainable future of our region. Because we know that by continually driving up our standards today, we’ll build a better tomorrow for our communities. Are you passionate about Information Security Compliance we are seeking a proactive and knowledgeable Information Security Compliance Analyst. This role is pivotal in helping us maintain ISO27001, implement and maintain cyber policies, and deliver key phases of our Cyber Essentials Programme.About the RoleJoin us as an Information Security Compliance Analyst and play a key role in protecting our information assets, identifying and mitigating security risks, and ensuring compliance with regulatory requirements. Reporting to the Information Security Compliance Manager, you’ll support internal reviews, audits, and awareness initiatives, and help maintain compliance with standards like ISO 27001, NIS, PCI, and GDPR.Why is compliance important? Staying compliant with ISO 27001 is critical for protecting sensitive information, maintaining customer trust, and avoiding legal, regulatory, and reputational risks. Regular internal audits not only ensure ongoing certification but also drive continual improvement and resilience in our information security practices.
Key Responsibilities:
1. Plan, conduct, and document internal ISO 27001 audits across all areas of the Information Security Management System (ISMS), ensuring all controls and processes are regularly reviewed for effectiveness and compliance
2. Evaluate the effectiveness of information security policies, procedures, and controls, and identify areas for improvement or non-compliance.
3. Develop and maintain an annual audit schedule to ensure comprehensive coverage of ISO 27001 requirements and continual improvement of the ISMS.
4. Collaborate with stakeholders to gather evidence, address audit findings, and implement corrective actions to close compliance gaps.
5. Promote information security awareness and a positive security culture throughout the organisation.
6. Support security testing, including penetration tests and vulnerability scans.
7. Ensure third-party contracts meet security requirements.
8. Maintain compliance with relevant standards and legislation.
9. Support policy and procedure development.
What We Are Looking For:
10. Full UK driving licence
11. Strong understanding of information security principles, cyber threats, and risk management
12. Familiarity and experience with ISO 27001 standard
13. Experience of performing audits and producing reports
14. Ability to influence and build relationships across all levels of the organisation
15. A collaborative, self-motivated approach with strong organisational skills.
16. Experience with ISO 27001, NIST, or Cyber Essentials
17. Eligible for UK Government Security Clearance (SC)
Why You'll Love Working With Us:
18. We know that the support and commitment of our staff is key to our success so you will receive the opportunity for ongoing development and training for a long-term career with us. In return, we offer an excellent range of benefits including:
19. Generous holiday allowance plus bank holidays
20. A discretionary Bonus
21. Competitive Contributory Pension
22. Share-save Scheme
23. Various health benefits
24. Wellbeing support programmes
25. A range of Group Discounts
26. Cycle to Work Scheme
27. Financial support services
28. And plenty more!
£36,000 - £36,000 a yearClosing Date: 28th October 2025Please note that the successful candidate will be subject to a mandatory DBS check as part of the onboarding process.Be yourself, we like it that way. Together, we will build a culture of belonging, where inclusion is instinctive. Diversity is our strength and a reflection of our communities. We care, we value everyone, we celebrate uniqueness.Our core values which are essential to our success are:Be Rock Solid - Build trust and be trusted. Be the one we all look to and can depend on.Be You - We want you to bring your best everyday. Be yourself and make your mark in your individual way.Be the Future - Embrace change. Drive Progress. Own the challenge.