IT Security and Compliance Analyst

Company: Holman Enterprises
Apply for the IT Security and Compliance Analyst
Location: Birmingham
Job Description:

IT Security & Compliance Analyst

Permanent role based at Holman UK, with duties carried out from our HQ in Chippenham or our Birmingham office. Hybrid working available, three days per week in the office.

Salary: £55,000 – £60,000 per annum, dependent on experience.

Key Responsibilities

  • Respond to customer assurance requests and prepare responses to inquiries.
  • Collaborate with senior managers to advance the information security agenda and meet complex compliance requirements.
  • Support senior analysts in compliance, regulatory, vendor and cyber‑maturity assessments and reporting.
  • Provide direct support for control activities such as access reviews, data mapping and vendor assessments.
  • Maintain comprehensive knowledge of data security practices and relevant regulatory requirements.
  • Assist in developing control frameworks to satisfy business and regulatory needs.
  • Participate in project reviews, working with business, technical, supplier and project teams to evaluate information security requirements and mitigate potential exposures.
  • Support contract negotiation of information security and privacy requirements.
  • Monitor and promote compliance with information security policies and standards; recommend changes to policies, standards and procedures.
  • Consult with IT colleagues to integrate security into the evaluation, selection, installation and configuration of hardware, applications and software.
  • Provide technical expertise to the UK DPO on UK GDPR, Data Protection Act 2018 and PECR 2003.

Qualifications

  • At least one industry certification (e.g. CISA, CISM, CRISC, CISSP, ISAAP).
  • Five years of combined Information Security and Technical Administration experience.
  • Proven experience in an information security role, including developing security policies and plans.
  • Working knowledge of General Data Protection Regulation (GDPR).
  • Experience with internal and external security audits and contract compliance.
  • Understanding of system security testing, including vulnerability scanning and penetration testing.
  • In-depth understanding of information security concepts, protocols, best practices and strategies.
  • Knowledge of security and control frameworks such as NIST, ISO27001/27002.
  • Familiarity with regulatory mandates such as PCI, CCPA, GDPR.
  • Proficiency with the Microsoft Office suite.
  • Strong analytical judgement, self‑motivation, attention to detail and ability to deliver against firm timelines.
  • Excellent verbal and written communication skills.
  • Flexible and proactive approach to work, capable of managing conflicting priorities.

Eligibility

  • Right to remain and work in the UK.
  • Must disclose any previous convictions or cautions, including unspent, at the point of application.
  • No visa sponsorship is provided.

Benefits

  • 26 days off a year + Bank Holidays.
  • Health Cash Plan to cover everyday medical expenses.
  • Free onsite bi‑weekly yoga and massage sessions with qualified therapists.
  • Financial Security Group and Personal Pension Plan.
  • Bonus scheme.
  • Career development support and opportunities for advancement.
  • Seasonal events, social opportunities and recognition programs.

Equal Employment Opportunity

We are an equal opportunity employer and welcome applications from all genders, races, religions, ages, sexual orientations, parents, people living with disabilities and any other group that can bring diverse perspectives to our business. Discrimination and harassment of any kind are prohibited, and we do not provide visa sponsorship for any of the advertised positions.

#J-18808-Ljbffr…

Posted: July 4th, 2026