Security Governance Risk & Compliance Analyst
Hello! Thanks for stopping by. Let us tell you about all the great reasons to join us here at Yorkshire Water:
1. We offer a competitive salary, depending on experience (£36,538 – £45,673)
2. Annual incentive-related bonus (£1000 maximum bonus opportunity for the performance year)
3. Attractive pension scheme (up to 12% company contribution)
4. Development opportunities in line with the Security Governance Risk & Compliance Analyst progression plan
5. 25 days annual leave plus bank holidays – plus an extra wellness day
6. Life assurance cover of 4 times pensionable salary
7. A great benefits package – choose from health cash plan scheme, critical illness insurance, dental insurance, life assurance flex and partner cover.
8. Retail savings scheme
9. Online GP service, cycle to work scheme, gym membership discounts and many more!
Location: Buttershaw / Hybrid Working (1-2 days in the office a week – Bradford)
Work type: 12-month fixed term contract. 37 hours per week, Monday – Friday.
We have an exciting opportunity for a Security Governance Risk & Compliance Analyst to join the IT team at Yorkshire Water and be a part of helping Yorkshire Water to provide the best service to our customers. Could this be you?
What we do:
Everyone has an idea of what a water company does. Here in Yorkshire, we make sure that over million people living in the region and the millions of people who visit our region each year, can rely on our services, and have clean and safe drinking water on tap and that their wastewater is taken away. But for us, it’s so much more than this.
We look after communities, protect the environment, and plan to look after Yorkshire’s water, today, tomorrow 24/7, 365 days a year. We provide essential water and wastewater services to every corner of the Yorkshire region, and play a key role in the region’s health, wellbeing, and prosperity.
New environmental legislation, unprecedented levels of investment and changing expectations from customers mean that this is an exciting time to discover opportunities within the water industry. The IT function is a key part of how we plan to meet the changing expectations of customers and regulators.
Join our Technology & Security team as a Security Governance, Risk & Compliance (GRC) Analyst. You’ll help shape and maintain Yorkshire Water’s security policies and standards, ensuring alignment with industry best practices.
In this role, you’ll support risk assessments, audits, and compliance reviews, while advising teams across the business on security for systems, networks, and suppliers. You’ll play a key part in protecting our organisation through strong governance and proactive risk management.
Where you fit in:
As our Security Governance Risk & Compliance Analyst you will:
1. Support junior and apprentice analysts within the GRC team
2. Promote the value of risk, regulation, and compliance at senior levels
3. Drive adoption of security best practices and culture across the organisation
4. Stay current with GRC trends, standards, and best practices
5. Assist in managing the Security GRC Framework
6. Collaborate with stakeholders, auditors, and vendors
7. Support compliance activities (CAF, SEMD, PCI DSS, ISO27001)
8. Monitor and report on security compliance and incidents
9. Conduct controls testing and coordinate audit findings
10. Advise on compliance matters and manage policy exemptions
11. Liaise with Data Protection team on GDPR breaches
12. Conduct risk assessments and maintain risk registers
13. Provide risk advice and support proportionate decision-making
14. Integrate risk management into business processes
15. Develop and maintain security policies, standards, and procedures
16. Test and assure policy compliance
17. Support investigations and coordinate stakeholder engagement
18. Ensure legal and data privacy compliance during incidents
19. Engage with government agencies and industry bodies
20. Participate in forums (DWI, NCSC, Local Resilience Forums)
21. Contribute to GRC metrics, KPIs, KRIs, and reporting
22. Align work with business priorities and challenge inefficiencies
23. Take ownership of customer issues and act on feedback
24. Make informed decisions through collaboration and analysis
25. Focus on key priorities and drive continuous improvement
26. Build strong working relationships and support team goals
27. Show resilience, adaptability, and a proactive mindset
28. Communicate clearly and influence positively
29. Seek and act on feedback to improve performance
What skills & qualifications you will need:
1. Track record of delivering successful IS initiatives
2. Knowledge of Cyber Kill Chain, MITRE ATT&CK/D3FEND, and other security frameworks
3. Solid understanding of cyber security, including Cyber Essentials and social engineering
4. Awareness of current IS technologies, threats, and vulnerabilities
5. Familiarity with ISO 27001, PCI DSS, and ITIL frameworks
6. Hands-on experience with risk management tools and processes
7. Skilled at translating business needs into security solutions
8. Experience developing and maintaining IS policies and standards
9. Eligible for UK Government Security Clearance
10. Proven ability to lead people, processes, and technology effectively
11. Strong influencing and negotiation skills; able to motivate others
12. Experience driving cultural and behavioural change
You will also benefit from having:
1. Recognised IS qualification (CISSP, CISM) or relevant degree/experience in Information Security
2. Experience in operational or strategic leadership within commercial or regulated environments
3. Skilled in managing information security incidents and investigations
4. Good understanding of GDPR and data protection principles
5. Experience working with legal, audit, and compliance teams
6. Hands-on experience conducting IS compliance reviews and audits
7. Strong negotiation and third-party management skills
Although we operate 24 hours a day, 365 days a year, it’s important to us that we support flexible working patterns and job share options (when we can), to help you make the best of both your work and home life. We know that juggling childcare responsibilities or getting that ideal work/life balance isn’t always easy!
Do we sound like your cup of tea?
If you’ve got experience in Security Governance and want to help us deliver great service for our customers whilst looking after the environment, then be sure to apply today to find out what a career with Yorkshire Water can offer you.
If successful for the role, you will be required to undergo pre-employment checks that will include a Basic Disclosure Check, carried out through a Third-Party Company, prior to commencing employment. Depending on the role, you may also be required to go through the security vetting process for either a Counter Terrorist Check or Security Check clearance.
All our roles are subject to a medical questionnaire, and further medicals when required.
We are committed to removing barriers and ensuring our recruitment process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible.
If you have an accessibility need, disability, or condition that requires changes to the recruitment process, please include this information in your application. We will then discuss any reasonable adjustments required.
Kelda Group reserve the right to close this position before the published closing date, should the need occur. We therefore advise that you complete and submit your application as soon as possible.
Closing Date - 15th September 2025
No agencies please.