Information Security Compliance Analyst

Hewett Recruitment
7 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
£ 50K

Job location

Tech stack

Control Objectives for Information and Related Technology (COBIT)
Computer Security
Information Technology

Job description

We are seeking an Information Security Compliance Analyst to support the execution and enhancement of a global information security compliance programme. This role ensures that operations across multiple business units adhere to internal policies, international regulations, and recognised industry frameworks. It offers the opportunity to work cross-functionally with stakeholders worldwide and contribute to maintaining a strong security and compliance culture., * Support the design, implementation, and continuous improvement of the information security compliance framework (e.g. ISO 27001, NIST, SOC 2, CMMC, HITRUST).

  • Conduct and coordinate internal audits, evaluate security controls, and document findings with recommended actions.
  • Track remediation activities for audit findings and compliance gaps in collaboration with IT and business stakeholders.
  • Monitor and support adherence to global data protection and privacy regulations such as GDPR, CCPA, and LGPD.
  • Assist in maintaining security policies, standards, and procedures, ensuring audit readiness and compliance reporting.
  • Contribute to third-party risk management reviews and due diligence activities.
  • Collaborate with global teams to drive best practice and support security awareness initiatives.

Requirements

  • Bachelor's degree in Information Security, Risk Management, Computer Science, or related field.
  • 3+ years' experience in information security compliance, auditing, or IT risk management.
  • Strong knowledge of security frameworks (ISO 27001, NIST, SOC 2, COBIT) and data protection laws (GDPR, CCPA, etc).
  • Experience conducting security audits and assessments with strong analytical and organisational skills.
  • Ability to communicate effectively with technical and non-technical stakeholders across multiple regions.
  • Professional certifications such as CISA, CISSP, ISO 27001 Lead Auditor, or CRISC are advantageous.

Benefits & conditions

  • Competitive salary and benefits package.
  • Opportunity to work in a global environment with exposure to diverse regulatory landscapes.
  • Involvement in high-impact security and compliance initiatives.
  • Support for professional development, including security training and certifications.
  • Flexible and collaborative working environment with scope to make a meaningful impact.

Apply for this position