Security Analyst
| Posting date: | 12 May 2026 |
|---|---|
| Hours: | Full time |
| Closing date: | 30 May 2026 |
| Location: | Bristol, South West England |
| Remote working: | Hybrid - work remotely up to 3 days per week |
| Company: | Route 101 Limited |
| Job type: | Permanent |
| Job reference: | JO-0012002 |
Summary
Key Responsibilities
Support the CISO and act as empowered Deputy when required
Interface with Client Security Leads to identify, manage and remediate security risks
Interface with Suppliers/Partners to identify, manage and remediate security risks
Support the development of the Company and Service level ISMS, including working closely with supply chain partners
Research assigned security topics and feed back learning
Complete Security, Risk and Compliance project work as assigned (new client stand up, security management, ISQs, etc.)
Produce low level and detailed security review and assurance collateral
Assure Security, Risk and Compliance controls, including oversight of associated testing such as IT Health Checks and/or penetration testing
Document procedures and best practices
Work directly with internal, external and client auditors to evidence compliance with standards, i.e. ISO27001, ISO42001, ITHC, penetration tests, vulnerability scans, SC+, etc.
Support testing activities including DR and BCP
Support and manage both simulated and real world security incidents
Maintain documentation
Skills & Experience
Experience
Minimum of 2 years' experience in Security, Risk and Compliance. Experience in preparing organisations for audit, and in working directly with auditors and clients on security, risk and compliance. Experience in Public Sector or BPO environments will be looked on favourably, including supporting Accreditation/Assurance activities. The successful candidate must be able to grasp new topics quickly and have experience of working with clients, partners and suppliers.
Technology Expertise
It is likely that the candidate will be targeting a CISSP or equivalent certification/qualification. Keen interest in keeping knowledge up to date. Sound understanding of regulatory frameworks and risk management strategies: ISO27001/2 (Information Security), ISO22301 (Business Continuity Management), PCI-DSS v4.0, Cyber Essentials +, ITHC, GDPR. Awareness of ITIL, ISO42001 and ISO31000 would be looked on favourably.
Leadership
The candidate must be self-starting and comfortable working with individuals at all levels in organisations. Ability to champion Security, Risk and Compliance good practice for business benefit.
Stakeholder Management
Ability to communicate compliance issues in clear, actionable, terms to business stakeholders.
Project Management
General awareness of project management and organisational readiness.
Problem Solving
Sound problem-solving and analytical skills. Ability to produce quality documentation. Ability to communicate clearly.
Education
Relevant degree or experience
Proud member of the Disability Confident employer scheme