At Pennon Group, we’re proud to be leading the way in the water and renewables industries. Alongside our subsidiaries - South West Water, Bristol Water, Bournemouth Water, SES Water, Pennon Water Services and Pennon Power - we’re committed to delivering a sustainable future of our region. Because we know that by continually driving up our standards today, we’ll build a better tomorrow for our communities.
Are you passionate about Information Security Compliance we are seeking a proactive and knowledgeable Information Security Compliance Analyst. This role is pivotal in helping us maintain ISO27001, implement and maintain cyber policies, and deliver key phases of our Cyber Essentials Programme.
About the Role
Join us as an Information Security Compliance Analyst and play a key role in protecting our information assets, identifying and mitigating security risks, and ensuring compliance with regulatory requirements. Reporting to the Information Security Compliance Manager, you’ll support internal reviews, audits, and awareness initiatives, and help maintain compliance with standards like ISO 27001, NIS, PCI, and GDPR.
Why is compliance important?
Staying compliant with ISO 27001 is critical for protecting sensitive information, maintaining customer trust, and avoiding legal, regulatory, and reputational risks. Regular internal audits not only ensure ongoing certification but also drive continual improvement and resilience in our information security practices.
Key Responsibilities:
* Plan, conduct, and document internal ISO 27001 audits across all areas of the Information Security Management System (ISMS), ensuring all controls and processes are regularly reviewed for effectiveness and compliance
* Evaluate the effectiveness of information security policies, procedures, and controls, and identify areas for improvement or non-compliance.
* Develop and maintain an annual audit schedule to ensure comprehensive coverage of ISO 27001 requirements and continual improvement of the ISMS.
* Collaborate with stakeholders to gather evidence, address audit findings, and implement corrective actions to close compliance gaps.
* Promote information security awareness and a positive security culture throughout the organisation.
* Support security testing, including penetration tests and vulnerability scans.
* Ensure third-party contracts meet security requirements.
* Maintain compliance with relevant standards and legislation.
* Support policy and procedure development.
What We Are Looking For:
* Full UK driving licence
* Strong understanding of information security principles, cyber threats, and risk management
* Familiarity and experience with ISO 27001 standard
* Experience of performing audits and producing reports
* Ability to influence and build relationships across all levels of the organisation
* A collaborative, self-motivated approach with strong organisational skills.
* Experience with ISO 27001, NIST, or Cyber Essentials
* Eligible for UK Government Security Clearance (SC)
Why You'll Love Working With Us:
* We know that the support and commitment of our staff is key to our success so you will receive the opportunity for ongoing development and training for a long-term career with us. In return, we offer an excellent range of benefits including:
* Generous holiday allowance plus bank holidays
* A discretionary Bonus
* Competitive Contributory Pension
* Share-save Scheme
* Various health benefits
* Wellbeing support programmes
* A range of Group Discounts
* Cycle to Work Scheme
* Financial support services
* And plenty more!
Closing from Pennon - All locations
Be yourself, we like it that way. Together, we will build a culture of belonging, where inclusion is instinctive. Diversity is our strength and a reflection of our communities. We care, we value everyone, we celebrate uniqueness.
Our core values which are essential to our success are:
Be Rock Solid - Build trust and be trusted. Be the one we all look to and can depend on.
Be You - We want you to bring your best everyday. Be yourself and make your mark in your individual way.
Be the Future - Embrace change. Drive Progress. Own the challenge