Security Analyst

Security, Risk & Compliance Analyst North Bristol, Hybrid | £45,000–£50,000 Are you a Security, Risk & Compliance Analyst looking for a role where your work actually shapes the ISMS rather than just maintaining it? Our key client, a CXaaS business, has asked us to exclusively support them with hiring a Security, Risk & Compliance Analyst to act as the empowered deputy to their CISO. You'll be the senior security voice on a major Central Government contract from day one, with a clear runway to expand into wider client work and new business as the function grows. They've been voted a \"Great Place To Work\" and partner with industry giants like Zendesk, Amazon, NICE and Calabrio to help businesses build seamless customer connections using the latest contact centre technology. This is a role with real visibility. You'll be interfacing directly with Client Security Leads, supply chain partners and external auditors, owning the evidence trail across ISO27001, ITHC, pen testing and SC+. They're truly focused on career development, will put you through training and certifications (CISSP being a likely target), and back you to specialise in the direction you want to take it. North Bristol, Hybrid role. The role: You'll sit close to the CISO and deputise where needed, owning the security, risk and compliance posture for a flagship Central Government engagement and the wider ISMS development.

Interface with Client Security Leads, suppliers and partners to identify, manage and remediate risk Develop the company and service-level ISMS, working closely with supply chain partners Lead audit evidence and assurance work across ISO27001, ITHC, pen tests, vulnerability scans and SC+ Produce low-level and detailed security review and assurance collateral Support DR and BCP testing, plus both simulated and real-world incident response Deliver project work across new client stand-ups, ISQs and ongoing security management What will help you succeed in this role? Minimum 2 years in Security, Risk & Compliance, with hands-on audit prep and direct auditor engagement (Public Sector or BPO experience is a plus) Sound working knowledge of ISO27001/2, ISO22301, PCI-DSS v4.0, Cyber Essentials+, ITHC and GDPR (ITIL, ISO42001 and ISO31000 awareness welcomed) Self-starting, comfortable communicating compliance issues in clear actionable terms to stakeholders at every level The salary & benefits: Salary of £45,000–£50,000 25 days annual leave (increasing to 30 with tenure) Pension scheme: 5% employee + 4% employer (scaling to 9% + 8% matched) Private healthcare Genuine investment in certifications and career development