Director of Security and Compliance safeguarding digital assets and data with a focus on cybersecurity and compliance. Leading risk management, stakeholder engagement, and team leadership initiatives.
About the role
- Cyber Security Governance Analyst shaping security frameworks at Sword. Supporting cyber security governance in a major energy network programme.
Responsibilities
- Develop and document a Configuration Management Plan aligned to recognised frameworks such as NIST.
- Define and establish secure configuration principles, translating technical requirements into clear, actionable policy.
- Design and document governance processes, including roles and responsibilities across the 2nd Line of Defence.
- Support the rollout and adoption of governance frameworks, working closely with business change and communications teams.
- Enhance change management processes, including contributing to Change Advisory Board (CAB) inputs and governance controls.
- Work with stakeholders to embed security standards into day-to-day operations across technology and business teams.
- Gather and interpret configuration compliance data to support governance and assurance activities.
- Simplify complex security concepts into practical guidance that can be understood and applied by non-technical stakeholders.
- Maintain high-quality documentation to support audit, compliance, and continuous improvement.
Requirements
- Experience working within cyber security governance, risk, or security controls roles.
- Strong understanding of security frameworks such as ISO 27001, NIST, or similar.
- Experience developing or contributing to security policies, standards, or governance frameworks.
- Ability to translate security requirements into practical processes and guidance for business teams.
- Experience working in regulated environments such as energy, utilities, or financial services.
- Strong stakeholder engagement skills, with the ability to work across technical and non-technical teams.
- Excellent documentation skills, with a structured and detail-oriented approach.
- **It would be great if you also had:**
- Experience developing or implementing configuration management or secure configuration standards.
- Exposure to change management processes and governance forums such as CAB.
- Understanding of security controls across areas such as access management, configuration, or asset management.
- Experience supporting the rollout or embedding of new governance processes across an organisation.
Benefits
- Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
- Flexible working: Flexible work arrangements to support your work-life balance. We can’t promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can.
- A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security Risk & Compliance Analyst supporting the maintenance of ISO 27001 standards. Contributing to risk assessments and compliance across AAB’s Business Protection Team.
Information Security Risk & Compliance Analyst at AAB managing compliance with ISO 27001, supporting enterprise risk assessments and enhancing information security systems.
Information Security Risk & Compliance Analyst at AAB focusing on ISO 27001 compliance and information security management. Collaborating across teams to ensure robust risk and compliance frameworks.
Security Principal at Optiv designing AI security solutions for clients, leveraging advanced security services and technologies. Driving pipeline generation and maintaining strong client relationships as a trusted advisor.
Cloud Security Architect supporting federal customer projects focused on architecture and security solutions. Conducting risk assessments and defining security requirements within a cloud environment.
Information Security Specialist responsible for enhancing cybersecurity posture through incident management and compliance. Collaborating with cross - functional teams to monitor threats and implement security measures.
Senior Lead Info Security Architect leading and collaborating on cybersecurity solutions at TIAA. Responsible for secure design and implementation of cloud security strategies and practices.
Part Time Security Officer providing protection for Collector's personnel and assets at trade shows across North America while reporting to Security Shows & Transportation Manager.
Enterprise Security Architect at PBCN GmbH designing and implementing security architectures. Collaborating with teams to ensure application security and conducting risk assessments.