IT Security & Compliance Analyst – UK
Location: HQ in Chippenham or Birmingham office, with hybrid working (3 days per week in the office). Salary: £55,000‑£60,000 per annum, depending on experience. Permanent role.
Key Responsibilities
- Work with team members and other departments to address customer assurance requests and prepare responses to customer inquiries.
- Collaborate with senior managers across the business to advance the information security agenda and meet complex compliance requirements.
- Support Senior Analysts in compliance, regulatory, vendor and cyber‑maturity assessments and reporting.
- Provide direct support for control activities such as access reviews, data mapping, and vendor assessment.
- Maintain up‑to‑date knowledge of data security practices and relevant regulatory requirements.
- Assist in developing control frameworks to meet business and regulatory needs.
- Participate in project reviews with business, technical staff, suppliers and project members to evaluate information security requirements and mitigate exposures.
- Provide support for contract review and negotiation of information security and privacy requirements.
- Monitor and promote compliance with information security policies and standards, recommending changes to policies, standards, and procedures.
- Advise IT colleagues to integrate security into the evaluation, selection, installation and configuration of hardware, applications, and software.
- Support the UK DPO in providing technical expertise regarding UK GDPR, the Data Protection Act 2018 and PECR 2003.
Qualifications & Experience
- Ideally at least one industry certification (CISA, CISM, CRISC, CISSP, ISAAP).
- Minimum 5 years of combined Information Security and Technical Administration experience.
- Proven experience in an information security role, including development of Information Security policies and plans.
- Working knowledge of General Data Protection Regulation (GDPR).
- Experience with internal and external information security audits and contract compliance.
- Good understanding of system technology security testing (vulnerability scanning and penetration testing).
- Excellent understanding of information security concepts, protocols, industry best practices and strategies.
- Knowledge of information security & control frameworks such as NIST, ISO 27001/27002.
- Familiarity with regulatory and compliance mandates (PCI, CCPA, GDPR) is a plus.
- Proficient with Microsoft Office suite.
- Strong analytical judgment, self‑motivation, attention to detail, ability to manage deliverables against firm timelines, and commitment to producing results.
- Strong verbal and written communication skills.
Benefits
- 26 days off a year + bank holidays.
- Health Cash Plan for everyday medical expenses.
- Free onsite bi‑weekly yoga and massage sessions.
- Group Personal Pension Plan.
- Bonus scheme.
- Career development support through training and advancement opportunities.
- Recognition and rewards through our Partners in Excellence programme.
Eligibility
Must have the right to remain and work in the UK. No visa sponsorship is available for this role.
Equal Opportunity Employer
Holman is committed to equal employment opportunity for all qualified applicants and is an equal‑opportunity employer. We encourage applications from all genders, races, religions, ages, sexual orientations, parents, people living with disabilities and other groups that bring diverse perspectives.
#J-18808-Ljbffr…
