The Policy Support Analyst will be responsible for developing, implementing, and maintaining security policies, standards, and procedures to ensure the protection of our information assets. This role requires a good understanding of security frameworks and regulatory requirements. In addition, this role requires you to have experience of Information Security.
The role will be based in Reading and will report directly to the Head of Governance, Risk and Compliance, with whom you will work to deliver the goals of the company to have a fit for purpose security standards framework. This is a role that requires the individual to be able to work independently, finds fulfilment in a challenging and fast paced environment and takes accountability to meet and drive the needs of the programme.
What you’ll do as a Policy Support Analyst
Security Standards Management:
1. Develop and maintain comprehensive security policies, standards and procedures across the organisation.
2. Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R).
3. Review and update standards regularly in response to emerging threats and regulatory changes.
Governance & Compliance:
4. Oversee the exception management framework, including reporting, approvals and reviews prior to expiry.
5. Monitor compliance with security policies and standards across digital and business teams.
6. Act as the primary point of contact for internal and external audits related to security standards.
Service Delivery & Operations:
7. Coordinate the annual standards review cycle, ensuring timely updates and stakeholder engagement.
8. Support the publication and socialisation of new or revised standards to ensure organisation wide awareness.
9. Collaborate with cross functional teams to embed security best practices into digital processes.
Stakeholder & Communications Management:
10. Build and maintain relationships with key stakeholders including the CISO, CIO, architecture teams, programme delivery and business owners.
11. Provide clear, engaging, and relevant communication and training around security standards.
12. Deliver security messaging both in person and virtually, ensuring consistency and clarity.
Continuous Improvement:
13. Track policy effectiveness and recommend enhancements to improve standard adoption and compliance.
14. Stay informed of the latest security regulations, technologies and industry best practices to ensure standards remain current and effective.
Base location – Hybrid – Clearwater Court, Reading.
Working pattern – 36 hours Monday to Friday.
What you should bring to the role:
Essential Experience:
15. Experience in information security or a related governance role.
16. Experience applying security frameworks and regulatory requirements (CIS, GDPR, NIS-R).
17. Experience collaborating across multiple business areas and functional teams.
18. Proven ability to work independently, with strong stakeholder management capabilities.
Essential Technical Skills & Qualifications:
19. Strong written and verbal communication skills with the ability to deliver complex messages clearly.
20. Skilled in exception management, reporting and compliance monitoring.
Desirable Experience:
21. Experience maintaining security standards and exception frameworks.
22. Exposure to information risk management processes and controls.
Desirable Technical Skills & Qualifications:
23. Relevant certifications such as CISSP, CISM or CISA.
Desirable Competencies:
24. Strong relationship building and collaboration skills.
25. Excellent organisational and time management skills.
26. Ability to influence stakeholders and drive compliance in a matrixed environment.
What’s in it for you?
27. Competitive salary up to £60,000 per annum depending on experience
28. Annual Leave - 26 days holiday per year increasing to 30 with the length of service (plus bank holidays)
29. Generous Pension Scheme through AON
30. Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.