Security Analyst
Job description
Security, Risk & Compliance Analyst
North Bristol, Hybrid | £45,000-£50,000

Are you a Security, Risk & Compliance Analyst looking for a role where your work actually shapes the ISMS rather than just maintaining it? Our key client, a CXaaS business, has asked us to exclusively support them with hiring a Security, Risk & Compliance Analyst to act as the empowered deputy to their CISO. You'll be the senior security voice on a major Central Government contract from day one, with a clear runway to expand into wider client work and new business as the function grows.

They've been voted a "Great Place To Work" and partner with industry giants like Zendesk, Amazon, NICE and Calabrio to help businesses build seamless customer connections using the latest contact centre technology.

This is a role with real visibility. You'll be interfacing directly with Client Security Leads, supply chain partners and external auditors, owning the evidence trail across ISO27001, ITHC, pen testing and SC+. They're truly focused on career development, will put you through training and certifications (CISSP being a likely target), and back you to specialise in the direction you want to take it.

The role:

You'll sit close to the CISO and deputise where needed, owning the security, risk and compliance posture for a flagship Central Government engagement and the wider ISMS development.

- Interface with Client Security Leads, suppliers and partners to identify, manage and remediate risk
- Develop the company and service-level ISMS, working closely with supply chain partners
- Lead audit evidence and assurance work across ISO27001, ITHC, pen tests, vulnerability scans and SC+
- Produce low-level and detailed security review and assurance collateral
- Support DR and BCP testing, plus both simulated and real-world incident response
- Deliver project work across new client stand-ups, ISQs and ongoing security management
Requirements
What will help you succeed in this role?

- Minimum 2 years in Security, Risk & Compliance, with hands-on audit prep and direct auditor engagement (Public Sector or BPO experience is a plus)
- Sound working knowledge of ISO27001/2, ISO22301, PCI-DSS v4.0, Cyber Essentials+, ITHC and GDPR (ITIL, ISO42001 and ISO31000 awareness welcomed)
- Self-starting, comfortable communicating compliance issues in clear actionable terms to stakeholders at every level

The salary & benefits:

- Salary of £45,000-£50,000
- 25 days annual leave (increasing to 30 with tenure)
- Pension scheme: 5% employee + 4% employer (scaling to 9% + 8% matched)
- Private healthcare
- Genuine investment in certifications and career development