Overview
The Policy Support Analyst will be responsible for developing, implementing, and maintaining security policies, standards, and procedures to ensure the protection of our information assets. This role requires a good understanding of security frameworks and regulatory requirements. The role will be based in Reading and will report to the Head of Governance, Risk and Compliance. This is a role that requires the individual to work independently in a challenging and fast-paced environment and take accountability to meet and drive the needs of the programme.
What you’ll do as a Policy Support Analyst
Security Standards Management:
* Develop and maintain comprehensive security policies, standards and procedures across the organisation.
* Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS-R).
* Review and update standards regularly in response to emerging threats and regulatory changes.
Governance & Compliance:
* Oversee the exception management framework, including reporting, approvals and reviews prior to expiry.
* Monitor compliance with security policies and standards across digital and business teams.
* Act as the primary point of contact for internal and external audits related to security standards.
Service Delivery & Operations:
* Coordinate the annual standards review cycle, ensuring timely updates and stakeholder engagement.
* Support the publication and socialisation of new or revised standards to ensure organisation wide awareness.
* Collaborate with cross functional teams to embed security best practices into digital processes.
Stakeholder & Communications Management:
* Build and maintain relationships with key stakeholders including the CISO, CIO, architecture teams, programme delivery and business owners.
* Provide clear, engaging, and relevant communication and training around security standards.
* Deliver security messaging both in person and virtually, ensuring consistency and clarity.
Continuous Improvement:
* Track policy effectiveness and recommend enhancements to improve standard adoption and compliance.
* Stay informed of the latest security regulations, technologies and industry best practices to ensure standards remain current and effective.
Base location – Hybrid – Clearwater Court, Reading.
Working pattern – 36 hours Monday to Friday.
What you should bring to the role
The must-haves (essential criteria) for this opportunity include:
Essential Experience:
* Experience in information security or a related governance role.
* Experience applying security frameworks and regulatory requirements (CIS, GDPR, NIS-R).
* Experience collaborating across multiple business areas and functional teams.
* Proven ability to work independently, with strong stakeholder management capabilities.
Essential Technical Skills & Qualifications:
* Strong written and verbal communication skills with the ability to deliver complex messages clearly.
* Skilled in exception management, reporting and compliance monitoring.
Desirable Experience:
* Experience maintaining security standards and exception frameworks.
* Exposure to information risk management processes and controls.
Desirable Technical Skills & Qualifications:
* Relevant certifications such as CISSP, CISM or CISA.
Desirable Competencies:
* Strong relationship building and collaboration skills.
* Excellent organisational and time management skills.
* Ability to influence stakeholders and drive compliance in a matrixed environment.
What’s in it for you?
* Competitive salary up to £60,000 per annum depending on experience
* Annual Leave - 26 days per year increasing to 30 with length of service (plus bank holidays)
* Performance-related pay plan directly linked to both company and individual performance measures and targets
* Generous Pension Scheme through AON
* Access to benefits to support health, wellbeing and finances – including health MOTs, physiotherapy, counselling, Cycle to Work, shopping vouchers, and life assurance.
Find out more about our benefits and perks.
Who are we?
We’re the UK’s largest water and wastewater company, serving more than 16 million customers. We are committed to building a better future for customers, communities, people and the planet. We welcome passionate and skilled people who want to make a difference and help us achieve our long-term goals.
Learn more about our purpose and values. Working at Thames Water – Thames Water is a unique, rewarding, and diverse place to work, where every day you can make a difference. If you need any adjustments, let us know; we’re here to help and support.
Disclaimer: due to high application volume we may close the advert earlier than the advertised date, so apply soon to avoid disappointment.
#J-18808-Ljbffr