Information Security Risk Analyst

We are seeking a talented Information Security Risk Analyst to support the Governance, Risk, and Compliance (GRC) function, by managing information security risks across the organisation. This includes maintaining the operational risk register, ensuring ISO 27001 compliance, preparing KPI reporting, and contributing to the continuous improvement of the Information Security Management System (ISMS).

You'll also play a key part in providing risk oversight during mergers and acquisitions (M&A), to ensure security integration and compliance.

This is a permanent role to be based at either our Birmingham office, or Liverpool office with expected minimum office attendance of 2 days per week. Please note that if Birmingham based, there will be travel required to the Liverpool office on an ad hoc basis.

As an Information Security Risk Analyst, your responsibilities will include among others,

• Own and maintain the information security risk register and risk treatment tracking
• Perform security risk assessments across systems, processes, and M&A activity
• Support ISO 27001:2022 compliance, audits, and ISMS continual improvement
• Produce risk documentation, KPIs, and management reporting
• Support control testing, assurance, incident reviews, and root cause analysis
• Work with IT, Data Privacy, and delivery teams to embed security and manage risk

Do you have experience in Root cause analysis?, To be successful in this role, you should have,

• Strong knowledge of information security, risk management, and ISO 27001:2022
• Experience managing risk registers, scoring methods, and KPI reporting
• Understanding of M&A activity and associated security risks
• Strong analytical, communication, and stakeholder engagement skills

Desired:

• Relevant degree or equivalent practical experience
• ISO 27001 certification and experience with GRC tools

• Competitive salary
• Private medical insurance
• Life assurance
• Pension contribution
• Hybrid working model (role dependent)
• Generous holiday package
• Option to purchase additional holiday
• Shared parental leave
• Fully funded training towards professional qualifications
• Cycle to work scheme
• Season ticket loan
• Eye care support

We are proud to value the differences that a diverse workforce brings, representative of society and our clients. At S&W we have a wide range of highly active employee resource groups and we're delivering multiple diversity, equity and inclusion initiatives across the organisation. It is our commitment to provide a workplace where all colleagues, regardless of identity, background, or circumstance, feel respected as individuals and feel that they can achieve their full potential and work in a safe, supportive, and inclusive environment.

We are happy to make any reasonable adjustments to accommodate for your needs throughout the application process. Please let your Recruiter know.     If you require alternative methods of application or screening, you must approach the employer directly to request this as Indeed is not responsible for the employer's application process.

At S&W, we help our clients thrive by simplifying the complex, illuminating new paths, and shaping solutions that make a difference. As one of the UK's top 10 fastest-growing accountancy firms, we have been a trusted partner since 1881-helping businesses and individuals meet challenges and seize opportunities across generations. Built on expertise and driven by ambition, we provide a comprehensive range of services, including tax and accountancy, advisory and assurance, corporate finance, and restructuring. We are defined by our purpose-to help navigate challenges, unlock potential, and achieve the extraordinary.