Security Analyst

Security, Risk & Compliance Analyst North Bristol, Hybrid | £45,000–£50,000

Are you a Security, Risk & Compliance Analyst looking for a role where your work actually shapes the ISMS rather than just maintaining it?

Our key client, a CXaaS business, has asked us to exclusively support them with hiring a Security, Risk & Compliance Analyst to act as the empowered deputy to their CISO. You'll be the senior security voice on a major Central Government contract from day one, with a clear runway to expand into wider client work and new business as the function grows.

They've been voted a "Great Place To Work" and partner with industry giants like Zendesk, Amazon, NICE and Calabrio to help businesses build seamless customer connections using the latest contact centre technology.

This is a role with real visibility. You'll be interfacing directly with Client Security Leads, supply chain partners and external auditors, owning the evidence trail across ISO27001, ITHC, pen testing and SC+. They're truly focused on career development, will put you through training and certifications (CISSP being a likely target), and back you to specialise in the direction you want to take it.

North Bristol, Hybrid role.

The role:

You'll sit close to the CISO and deputise where needed, owning the security, risk and compliance posture for a flagship Central Government engagement and the wider ISMS development.

• Interface with Client Security Leads, suppliers and partners to identify, manage and remediate risk
• Develop the company and service-level ISMS, working closely with supply chain partners
• Lead audit evidence and assurance work across ISO27001, ITHC, pen tests, vulnerability scans and SC+
• Produce low-level and detailed security review and assurance collateral
• Support DR and BCP testing, plus both simulated and real-world incident response
• Deliver project work across new client stand-ups, ISQs and ongoing security management

What will help you succeed in this role?

• Minimum 2 years in Security, Risk & Compliance, with hands-on audit prep and direct auditor engagement (Public Sector or BPO experience is a plus)
• Sound working knowledge of ISO27001/2, ISO22301, PCI-DSS v4.0, Cyber Essentials+, ITHC and GDPR (ITIL, ISO42001 and ISO31000 awareness welcomed)
• Self-starting, comfortable communicating compliance issues in clear actionable terms to stakeholders at every level

The salary & benefits:

• Salary of £45,000–£50,000
• 25 days annual leave (increasing to 30 with tenure)
• Pension scheme: 5% employee + 4% employer (scaling to 9% + 8% matched)
• Private healthcare
• Genuine investment in certifications and career development