Cef31mo ago

Senior Governance, Risk and Compliance Analyst

United Kingdom BasedPermanentsenior

SecurityOtherGovernance Risk And Compliance Analyst

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

Join one of the UK’s largest electrical wholesalers as we reimagine our technology for the digital age.

Technical Tools

SecurityOtherGovernance Risk And Compliance Analyst

Join one of the UK’s largest electrical wholesalers as we reimagine our technology for the digital age. We’re modernising our legacy systems and building new platforms powered by AWS and AI — and we need creative minds to help us shape the future!

About the Role

~3 min read

You’ll be joining a close-knit, highly capable security team who genuinely enjoy working together and take pride in what they deliver. It’s a collaborative environment where ideas are shared openly, support is always there when you need it, and everyone is trusted to get on with their work without unnecessary layers or noise. There’s a strong sense of accountability, but also a lot of flexibility and understanding — people here back each other and celebrate progress together.

From a technical perspective, you’ll help evolve our governance framework, strengthen existing controls and play a key role in achieving and maintaining certifications such as ISO27001. We’re looking for someone who has been through that journey before and can bring a pragmatic, delivery-focused approach. You’ll need to be comfortable operating in a business that’s evolving quickly, able to balance structure with flexibility, and confident working with stakeholders at all levels. Just as importantly, you’ll be someone who listens, builds trust easily and brings a calm, thoughtful approach to problem-solving.

Working closely with the Governance and Compliance Manager (located in South Yorkshire, UK)

Working closely with the Head of Information Security (located in North Yorkshire, UK)

Leading the implementation and the changes required to help CEF to gain ISO27001 and additional certifications (such as ISO42001) as deemed necessary by the business

Support CEF maintain security certifications (Cyber Essentials, PCI) and support activities to enhance security controls

Auditing and reviewing security controls, policies and procedures to ensure alignment with current ways of working and best practice

Undertaking security control gap analysis and proposing strategies to remediate or reduce any observed risks

Supporting other Governance, Risk and Compliance team members in completing 3rd party supplier activities such as security due diligence reviews and client information security questionnaires

Working with the Governance and Compliance Manager to foster a culture of continuous security training and upskilling for all CEF team members

Supporting security governance measures and policies for AWS cloud security

Working with the Governance and Compliance manager to identify, assess and prioritise potential information and data governance risks and issues across the business (including products, solutions, systems, data, people and processes), and through effective partnering relationships with business leaders, ensure that effective actions and controls are in place to mitigate those risks

Previous experience in an operational information security role, engaging and communicating successfully with senior stakeholders across different business areas to address and ensure information security compliance.

Previous experience gaining or maintaining ISO27001 certification

Proven experience of defining the information security policies, controls and processes to manage an organisations’ risk position

Proven experience of utilising Information Security principles and best practices such as ISO 27001, NIST, NCSC, PCI DSS requirements and other regulatory obligations.

Experience in risk and vulnerability management

Work from anywhere in the UK – we aim to come together multiple times a year in our office in Durham so you must be willing to travel when required.

Annual discretionary bonus

25 days holiday plus UK bank holidays.

Company pension scheme.

Access to Champion Health – the “Netflix of wellbeing”, covering physical, mental and financial wellbeing.

Access to MySavings Platform, offering discounts and vouchers across groceries, dining out, gym memberships, days out, experiences and travel.

Access to Light Up Learning, our platform for leadership, technical and personal development.

Free use of our onsite gym at Janet Nash House, Durham.