Information Security Compliance Analyst

Location: Hatfield, UK
Job Type: 12 Month Fixed Term Contract (Salaried)

A new exciting permanent role for an Information Security Compliance Analyst to support the development and maintenance of an EMEA-wide information security management system. The successful candidate will ensure the continued certification of their ISO 27001:2022 management system and maintain compliance with all relevant legislation and regulations.

Day-to-Day of the Role:

Conduct information security, information system, and compliance-based risk assessments, evaluate responses, and recommend risk treatment actions.
Develop and execute risk mitigation plans in conjunction with relevant internal and external stakeholders/groups to agreed timescales, following through to completion.
Support the creation, implementation, and maintenance of information security policies and standards in accordance with ISO 27001 and other relevant frameworks (NIST CSF, IEC 62443, CIS, GDPR, etc.).
Maintain the department’s information security procedures, including incident response and business continuity management, conducting tabletop exercises to evaluate effectiveness.
Manage the information security awareness training program to ensure all employees comply with applicable security policies, procedures, laws, and regulations.
Manage information security programs to ensure compliance with legal and regulatory requirements.
Monitor, analyse, and report on information security-based management metrics.
Perform comprehensive third-party information security due diligence assessments, report on results, recommend remediation activities, and ensure security clauses are included in contracts as relevant.
Support information security and compliance audits within the department.

Required Skills & Qualifications:

Degree level qualified or equivalent - highly desirable.
CISM, CRISC, or other relevant certification - highly desirable.
ISO 27001:2022 Lead Implementer/Auditor certification - essential.
Demonstrable experience in Information Security, IT Governance, Risk, and Compliance roles, including maintaining an ISO 27001 compliant management system.
Extensive knowledge of industry standard frameworks and best practices (ISO 27001:2022, ISO 27002:2022, ISO 27005, ISO 31000, NIST).
Experience in conducting information security risk assessments and developing, implementing, managing, and maintaining Information Security policies, controls, standards, and procedures.
Experience in project managing Information Security, Data Protection & Compliance initiatives.
Strong communication skills (written & verbal in English) including the ability to inform, influence and present at all levels of the organisation.

Benefits:

Competitive salary (dependent on experience)
Holiday Allowance: 24 days (not including bank holidays)
Annual Discretionary Bonus: 10%
Pension: Up to 5% Employee, 10% Employer
Health Insurance: Aviva - employee only (family members through discounted monthly payroll deduction if required)
Dental Insurance: Unum - employee only (family members through discounted monthly payroll deduction if required)
Life Assurance: 4 x Basic salary
Hybrid working: 50% of working time
Subsidised onsite restaurant and coffee shop
Learning and development opportunities, including Leadership programmes

To apply for the Information Security Compliance Analyst role, please submit your updated CV to be considered.