Company description:
Water Utility Company based in Yorkshire region of England.
Job description:
Security Governance Risk & Compliance Analyst
Hello! Thanks for stopping by. Let us tell you about all the great reasons to join us here at Yorkshire Water:
We offer a competitive salary, depending on experience
(£36,538
45,673)
Annual incentive related bonus (£1000 maximum bonus opportunity for the performance year)
Attractive pension scheme
(up to 12% company contribution)
Development opportunities in line with the
Security Governance Risk & Compliance Analyst
progression plan
25 days annual leave plus bank holidays
plus an extra wellness day
Life assurance cover of 4 times pensionable salary
A great benefits package
choose from health cash plan scheme, critical illness insurance, dental insurance, life assurance flex and partner cover.
Retail savings scheme
Online GP service, cycle to work scheme, gym membership discounts and many more!
Location: Buttershaw / Hybrid Working (1-2 days in the office a week
Bradford)
Work type: 12-month fixed term contract. 37 hours per week, Monday
Friday.
We have an exciting opportunity for a
Security Governance Risk &Compliance Analyst
to join the IT team at Yorkshire Water and be a part of helping Yorkshire Water to provide the best service to our customers. Could this be you?
What we do:
Everyone has an idea of what a water company does. Here in Yorkshire, we make sure that over 5.4 million people living in the region and the millions of people who visit our region each year, can rely on our services, and have clean and safe drinking water on tap and that their wastewater is taken away. But for us, its so much more than this.
We look after communities, protect the environment, and plan to look after Yorkshires water, today, tomorrow 24/7, 365 days a year. We provide essential water and wastewater services to every corner of the Yorkshire region, and play a key role in the regions health, wellbeing, and prosperity.
New environmental legislation, unprecedented levels of investment and changing expectations from customers means that this is an exciting time to discover opportunities within the water industry. The IT function is a key part of how we plan to meet the changing expectations of customers and regulators.
Join our Technology & Security team as a Security Governance, Risk & Compliance (GRC) Analyst. Youll help shape and maintain Yorkshire Waters security policies and standards, ensuring alignment with industry best practices.
In this role, youll support risk assessments, audits, and compliance reviews, while advising teams across the business on security for systems, networks, and suppliers. Youll play a key part in protecting our organisation through strong governance and proactive risk management.
Where you fit in:
As our Security
Governance Risk & Compliance Analyst
you will:
Support junior and apprentice analysts within the GRC team
Promote the value of risk, regulation, and compliance at senior levels
Drive adoption of security best practices and culture across the organisation
Stay current with GRC trends, standards, and best practices
Assist in managing the Security GRC Framework
Collaborate with stakeholders, auditors, and vendors
Support compliance activities (CAF, SEMD, PCI DSS, ISO27001)
Monitor and report on security compliance and incidents
Conduct controls testing and coordinate audit findings
Advise on compliance matters and manage policy exemptions
Liaise with Data Protection team on GDPR breaches
Conduct risk assessments and maintain risk registers
Provide risk advice and support proportionate decision-making
Integrate risk management into business processes
Develop and maintain security policies, standards, and procedures
Test and assure policy compliance
Support investigations and coordinate stakeholder engagement
Ensure legal and data privacy compliance during incidents
Engage with government agencies and industry bodies
Participate in forums (e.g. DWI, NCSC, Local Resilience Forums)
Contribute to GRC metrics, KPIs, KRIs, and reporting
Align work with business priorities and challenge inefficiencies
Take ownership of customer issues and act on feedback
Make informed decisions through collaboration and analysis
Focus on key priorities and drive continuous improvement
Build strong working relationships and support team goals
Show resilience, adaptability, and a proactive mindset
Communicate clearly and influence positively
Seek and act on feedback to improve performance
What skills & qualifications you will need:
Track record of delivering successful IS initiatives
Knowledge of Cyber Kill Chain, MITRE ATT&CK/DEFEND, and other security frameworks
Solid understanding of cyber security, including Cyber Essentials and social engineering
Awareness of current IS technologies, threats, and vulnerabilities
Familiarity with ISO 27001, PCI DSS, and ITIL frameworks
Hands-on experience with risk management tools and processes
Skilled at translating business needs into security solutions
Experience developing and maintaining IS policies and standards
Eligible for UK Government Security Clearance
Proven ability to lead people, processes, and technology effectively
Strong influencing and negotiation skills; able to motivate others
Experience driving cultural and behavioural change
You will also benefit from having:
Recognised IS qualification (e.g. CISSP, CISM) or relevant degree/experience in Information Security
Experience in operational or strategic leadership within commercial or regulated environments
Skilled in managing information security incidents and investigations
Good understanding of GDPR and data protection principles
Experience working with legal, audit, and compliance teams
Hands-on experience conducting IS compliance reviews and audits
Strong negotiation and third-party management skills
Although we operate 24 hours a day, 365 days a year, its important to us that we support flexible working patterns and job share options (when we can), to help you make the best of both your work and home life. We know that juggling childcare responsibilities or getting that ideal work/life balance isnt always easy!
Do we sound like your cup of tea?
If youve got experience in Security Governance and want to help us deliver great service for our customers whilst looking after the environment, then be sure to apply today to find out what a career with Yorkshire Water can offer you.
If successful for the role, you will be required to undergo pre-employment checks that will include a Basic Disclosure Check, carried out through a Third-Party Company, prior to commencing employment. Depending on the role, you may also be required to go through the security vetting process for either a Counter Terrorist Check or Security Check clearance.
All our roles are subject to a medical questionnaire, and further medicals when required.
We are committed to removing barriers and ensuring our recruitment process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible.
If you have an accessibility need, disability, or condition that requires changes to the recruitment process, please include this information in your application. We will then discuss any reasonable adjustments required.
Kelda Group reserve the right to close this position before the published closing date, should the need occur. We therefore advise that you complete and submit your application as soon as possible.
Closing Date - 15th September 2025
No agencies please.
TPBN1_UKTJ