Job Description

Governance, Risk & Compliance Analyst
Location: Salford
Employment Type: Full-time
PCD290115

Role Overview
The Team
Working cross-functionally you will establish and maintain the security governance framework, ensuring all key stakeholders across the Executive Leadership Team have visibility of the business security posture and security roadmap.
You will leverage key partner / supplier relationships to define performance measures required by the business across all security services, covering areas such as security risk management, operations and penetration testing.
With responsibility for the implementation of the cyber security roadmap, you will ensure security services are cost-optimised and offer value to the business.

You will support the business to maintain compliance with relevant legislative requirements such as Telecommunications Security Act, Investigatory Powers Act; along with broader compliance programmes such as ISO27001.

Role Expectations
• Lead the design, implementation, and governance of IT and cyber security policy frameworks.
• Develop and manage an enterprise policy governance structure that aligns with industry best practices and internal strategy.
• Ensure cyber policies remain current, effective, and aligned with evolving technologies, threats, and compliance requirements.
• Promote cyber awareness initiatives across the organisation to embed a strong security culture.
• Monitor and report on policy adherence, risks, and mitigation plans to senior stakeholders.
• Collaborate with key internal and external stakeholders to ensure a consistent and integrated approach to cyber policy and governance.
• Identify opportunities for policy automation and toolset enhancements.

Must Have
• more than five years’ experience in cyber governance, cyber assurance, policy development, or IT compliance.
• Strong knowledge of cyber security frameworks such as TSA, NIST, PCI-DSS, CE+ and ISO 27001.
• Hands-on experience with cloud platforms, preferably cloud platform.
• Relevant certifications such as CISSP, CISM, or CRISC are preferred but not essential.
• Excellent stakeholder management, reporting, and communication skills.

Be Yourself. Make an Impact. Join Us.
As a recognised Top 50 Inclusive Employer in the UK, we believe that diversity fuels innovation and success. We’re committed to building a workplace that the communities and customers we serve. At the organisation, inclusion is part of our DNA – we’re all 100% human, and we’ve created a culture where you can truly be yourself.
We’re not your traditional 9-5. We’re a dynamic, flexible workplace, and we’re excited to hear how you like to work. Whether you thrive in collaboration, focus better at home, or prefer a bit of both – let’s make it work.

Benefits
• Flexible hybrid working – with a minimum of 50% office presence to support teamwork and connection.
• Collaborative office spaces designed for creative thinking and innovation.
• Free on-site parking at our offices.
• Generous holiday package – 25 days annual leave, 3 wellbeing days, and your birthday off (plus the option to buy up to 10 more days!).
• Private healthcare for all employees.
• Competitive pension scheme and performance-related bonus opportunities.
• Free broadband for all employees.
• Life event gifts – celebrating milestones like marriages and births.
• Inclusive employee networks – open to all, supporting peer connection and thought-provoking conversations.
• Salary sacrifice scheme – save on dental, gym, and more.
• Big retail and leisure discounts.
• 3 paid volunteering days a year – because making a difference matters to us too.