InfoSec Risk & Compliance Analyst

Senior InfoSec Risk & Compliance AnalystLocation:  UK-wide (Hybrid)Salary:  £45,000 – Negotiable Dependent on Experience + Benefits Are you looking to grow your career in information security while making a real impact? We’re looking for a practical, hands-on InfoSec analyst to join a developing Business Protection and InfoSec team. This role is perfect for someone who enjoys variety, problem-solving, and working across multiple areas of a business. What you’ll do:

• Help maintain and develop the Information Security Management System (ISMS) and ISO 27001 standards.
• Support risk assessments, control testing, documentation, and policy/process updates.
• Respond to internal queries, incidents, breaches, and client or supplier security questionnaires.
• Identify gaps and help expand ISO 27001 across additional sites and business units.
• Collaborate with colleagues to improve processes and implement practical solutions.

 What we’re looking for:

• Some experience with ISO 27001 or within an ISMS is highly desirable.
• Practical exposure to risk assessments, controls, documentation, or operational InfoSec.
• Ability to work independently in a developing function and bring solutions to the table.
• Strong communication skills to translate technical issues for non-technical stakeholders.
• Experience with GDPR or other compliance frameworks is a plus.
• Formal certifications are not essential; practical, hands-on experience matters most.

 Why this role works for you:

• Opportunity to work across multiple business units and service lines.
• Flexible, hybrid working with no fixed office days.
• Be part of a small, collaborative team where you can make a visible impact.
• Chance to shape processes and grow into a more senior InfoSec role over time.

  If you’re practical, proactive, and excited by the chance to help build a growing InfoSec function, we’d love to hear from you….