As an Information Security Compliance Analyst, you will play a key role in supporting the development, maintenance, and continual improvement of the EMEA Information Security Management System (ISMS).
You will ensure compliance with Global EIT strategy, EMEA business requirements, and relevant legislation, including NIS2, the AI Act, and GDPR. The role is responsible for maintaining ISO 27001:2022 certification, supporting audits, and ensuring adherence to health, safety, financial, and data privacy regulations.
Working closely with technical teams, business stakeholders, and senior leadership, you will help embed strong information security governance and awareness across multiple business units.
What We’re Looking For
* CISM and/or CISSP or other relevant security certification – highly desirable
* Demonstrable experience in Information Security, IT Governance, Risk & Compliance (GRC) roles
* Proven experience maintaining and continually improving an ISO 27001-compliant ISMS
* Experience in information security management and/or security awareness programmes
* Strong knowledge of industry frameworks and regulations, including:
* ISO 27001:2022
* NIS2
* AI Act
* GDPR
* Extensive experience conducting information security risk assessments and reporting risks
* Experience developing, implementing, and maintaining information security policies, standards, and procedures
* Strong experience in risk management and maintaining risk registers
* Experience conducting third-party risk assessments using frameworks such as ISO 27001 (essential) and ISO 31000 (desirable)
* Hands-on experience performing gap analysis, testing security controls, and supporting audits
* Experience establishing and maintaining data classification standards
* Experience designing and delivering information security awareness training across multiple business units
* Experience ensuring compliance with UK and EMEA data protection legislation, including DPA and GDPR
* Good working knowledge of a broad range of IT platforms, technologies, and services
* Strong stakeholder management skills across technical, non-technical, and executive-level audiences
* Excellent business and customer-facing experience
If you are interested please apply or send your CV to luke.sandilands@cpl.com
#J-18808-Ljbffr