Information Security Risk and Compliance Analyst

 

Here in Technology our mission is simple – deliver and maintain secure and stable IT services, maximising value to our business.   

  

Dig a little deeper and you will find a living, breathing department, of highly talented individuals and teams, buzzing with energy, ideas, and enthusiasm. Who are always interested in learning new, innovative, and exciting ways for us to aid our business colleagues, and ultimately our customers experience.   

  

Collectively, we provide a critical national infrastructure to millions of customers in our region, so the only question is why wouldn't you want to be part of that?  

  

If you want to do more because you care, we’d love to talk to you. There really is something for everyone here.  

  

EVERYTHING YOU NEED TO KNOW   

  

We provide a critical national infrastructure to millions of customers in our region. This makes us a high-profile target for cyber-attacks on our IT systems, which if successful, could have disastrous consequences for our customers, colleagues, and the communities we serve. 

  

Our Information Security team do a wonderful job in protecting the business, its people, and customers from these daily threats, and we have an opportunity for you to join us as an Information Security Risk and Compliance Analyst. 

In this role, you’ll be key to identifying, measuring, and reporting on our Information Security Compliance and Risk position, as well as supporting gap analysis and remediation across the business.   

  

You’ll be actively involved in identifying and managing Information Security risk through various methods including scoping and managing security testing as well as conducting control, vulnerability, and risk assessments. You will align this with ensuring the business meets its goals and objectives. You’ll own these assessments throughout their lifecycle, providing technical knowledge and insights to aid the risk treatment. You’ll be required to have strong communication skills, being able to provide clear and concise updates to various stakeholders.  

 

Your key accountabilities will include: 

  

• Identifying and managing Information Security risk, aligning with control frameworks 

• Scoping and managing security testing 

• Review, test, and monitor control effectiveness 

• Maintain the Information Security compliance framework, ensuring alignment and traceability to legal, regulatory, and corporate policy control requirements 

• Using clear communication skills to report on various KPIs across risk management and compliance obligations to appropriate Severn Trent Governance groups 

• Develop and maintain Information Security standards, policies, and processes 

• Plan and develop Information Security training initiatives  

• Collaborating across the technology department to drive continuous improvement 

 

WHAT YOU’LL BRING TO THE ROLE  

  

You’ll join the team with experience in Information Security, with exposure to planning, implementing, and managing good practice standards and policies. 

  

To be successful, you’ll need experience of managing control frameworks and working within a regulated environment, with knowledge of regulatory standards such as GDPR, NISR, PCI and DSS. You should also have experience in managing Information Security risk and security testing, along with an in-depth knowledge of control frameworks and how they can be effectively applied to manage risk. 

  

You’ll need to have excellent communication skills and be able to influence decision making with internal and external stakeholders. You’ll be able to clearly articulate identified risks and negotiate an improved position which will enhance the security of Severn Trent. 

  

We welcome people from all walks of life and celebrate individuality as we know diverse minds, experiences and backgrounds help us to learn and better serve our communities. We want people who show up and get involved. Those who are ready to be part of something bigger and who want to make a difference because they care. 

   

WHAT’S IN IT FOR YOU   

  

Working here isn’t just a job. You can build a career at Severn Trent. We’ll reward you for it, too. We have a range of benefits that recognise great work, and award-winning training to help you reach your potential. And we’ll also help you play your part in looking after the environment and the communities where we live.  

  

With that in mind, here are just some of our favourite's perks that you’ll get being part of the Seven Trent family: 

  

• 28 days holiday + bank holidays (and the ability to buy/ sell up to 5 days per year)  

• Annual bonus scheme (up to £2,250 based on company performance and subject to eligibility) 

• Leading pension scheme – we will double your contribution (up to 15% when you contribute 7.5%)   

• Sharesave – the chance to buy Severn Trent Plc shares at a discounted rate 

• Dedicated training and development with our Academy  

• Electric vehicle scheme and retail offers  

• Family friendly policies  

• Two paid volunteering days per year 

  

WHAT’S NEXT  

  

We can’t wait to hear from you.      

 

Before you apply, you’ll need an updated copy of your CV and about five minutes to spare. 

  

If your curiosity has been piqued and you're wanting to find out even more, search #LifeAtSevernTrent on social media.    

  

Ps. we’ll always let you know the outcome of your application after the closing date - so keep an eye on your phone and emails