Information Security Risk and Compliance Analyst

London Full-Time 36000 - 60000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Join us as an Information Security Risk and Compliance Analyst, managing security risks and compliance.
  • Company: Severn Trent provides critical national infrastructure, ensuring secure IT services for millions.
  • Benefits: Enjoy 28 days holiday, annual bonuses, a leading pension scheme, and dedicated training.
  • Why this job: Be part of a dynamic team protecting communities while developing your career in a meaningful way.
  • Qualifications: Experience in Information Security, knowledge of regulatory standards, and strong communication skills required.
  • Other info: Diverse backgrounds welcomed; we celebrate individuality and encourage involvement in our mission.

The predicted salary is between £36,000 and £60,000 per year.

Here in Technology our mission is simple – deliver and maintain secure and stable IT services, maximising value to our business. Our teams are always interested in learning new, innovative, and exciting ways for us to aid our business colleagues, and ultimately our customers' experience. Collectively, we provide a critical national infrastructure to millions of customers in our region, making us a high-profile target for cyber-attacks on our IT systems. Our Information Security team protects the business, its people, and customers from these daily threats.

In this role, you’ll be key to identifying, measuring, and reporting on our Information Security Risk and Compliance position, as well as supporting gap analysis and remediation across the business. You’ll be actively involved in identifying and managing Information Security risk through various methods including scoping and managing security testing as well as conducting control, vulnerability, and risk assessments. You will align this with ensuring the business meets its goals and objectives.

Your key accountabilities will include:

  • Identifying and managing Information Security risk, aligning with control frameworks such as NIST and CIS
  • Scoping and managing security testing
  • Reviewing, testing, and monitoring control effectiveness
  • Maintaining the Information Security compliance framework, ensuring alignment and traceability to legal, regulatory, and corporate policy control requirements
  • Liaising with our supply chain to identify, analyse, and report on their cyber posture
  • Using clear communication skills to report on various KPIs across risk management and compliance obligations to appropriate Severn Trent governance groups
  • Developing, maintaining, and continuously improving Information Security standards, policies, and processes
  • Planning and developing Information Security training and awareness initiatives
  • Collaborating across the technology department to drive continuous improvement

You’ll join the team with experience in Information Security and be passionate about the field, keeping up to date with emerging threats and technologies. To be successful, you’ll need experience of managing control frameworks and working within a regulated environment, with knowledge of regulatory standards such as GDPR, NISR, PCI DSS. You should also have experience in managing Information Security risk and security testing, along with an in-depth knowledge of control frameworks and how they can be effectively applied to manage risk.

You’ll need to have excellent communication skills and be able to influence decision making with internal and external stakeholders. We welcome people from all walks of life and celebrate individuality as we know diverse minds, experiences, and backgrounds help us to learn and better serve our communities.

Working here isn’t just a job. You can build a career at Severn Trent. We’ll reward you for it, too. We have a range of benefits that recognise great work, and award-winning training to help you reach your potential. Here are just some of our favourite perks:

  • 28 days holiday + bank holidays (and the ability to buy/sell up to 5 days per year)
  • Annual bonus scheme (up to £2,250 based on company performance and subject to eligibility)
  • Leading pension scheme – we will double your contribution (up to 15% when you contribute 7.5%)
  • Sharesave – the chance to buy Severn Trent Plc shares at a discounted rate
  • Dedicated training and development with our Academy
  • Electric vehicle scheme and retail offers
  • Family friendly policies
  • Two paid volunteering days per year

We can’t wait to hear from you. Before you apply, you’ll need an updated copy of your CV and about five minutes to spare. If your curiosity has been piqued and you’re wanting to find out even more, search #LifeAtSevernTrent on social media.

Information Security Risk and Compliance Analyst employer: SevernTrentLife

At Severn Trent, we pride ourselves on being an exceptional employer, offering a vibrant work culture that fosters innovation and collaboration among our talented teams. With a strong commitment to employee growth, we provide award-winning training, generous benefits including a leading pension scheme and annual bonus opportunities, and a focus on community engagement through paid volunteering days. Join us in delivering critical national infrastructure while making a meaningful impact in the lives of millions.

Contact Detail:

SevernTrentLife Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land the Information Security Risk and Compliance Analyst role

✨Tip Number 1

Familiarise yourself with the key regulatory standards mentioned in the job description, such as GDPR, NISR, and PCI DSS. Being able to discuss these frameworks confidently during your interview will demonstrate your knowledge and commitment to compliance.

✨Tip Number 2

Showcase your experience with risk management and security testing by preparing specific examples of past projects or challenges you've faced. This will help you illustrate your problem-solving skills and how you can contribute to the team.

✨Tip Number 3

Brush up on your communication skills, as the role requires clear articulation of risks and influencing stakeholders. Practising how to convey complex information simply can set you apart from other candidates.

✨Tip Number 4

Research Severn Trent's current initiatives and values, especially around community engagement and environmental responsibility. Being able to align your personal values with the company's mission can make a strong impression during your interview.

We think you need these skills to ace the Information Security Risk and Compliance Analyst role

Information Security Risk Management
Compliance Frameworks (NIST, CIS)
Regulatory Standards Knowledge (GDPR, NISR, PCI DSS)
Security Testing Management
Control Effectiveness Review
Vulnerability Assessment
Risk Assessment
Technical Communication Skills
Stakeholder Engagement
Training and Awareness Development
Analytical Skills
Problem-Solving Skills
Continuous Improvement Mindset
Attention to Detail

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in Information Security, particularly in managing control frameworks and working within regulated environments. Use keywords from the job description to demonstrate your fit for the role.

Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for Information Security and your understanding of the challenges faced by the company. Mention specific experiences that align with the responsibilities outlined in the job description.

Highlight Communication Skills: Since strong communication skills are essential for this role, provide examples in your application of how you've effectively communicated complex information to various stakeholders in the past.

Showcase Continuous Learning: Demonstrate your commitment to staying updated on emerging threats and technologies in Information Security. Mention any relevant certifications, courses, or training you have completed that would benefit the role.

How to prepare for a job interview at SevernTrentLife

✨Understand the Role and Responsibilities

Make sure you thoroughly understand the job description and key accountabilities. Familiarise yourself with terms like NIST, CIS, GDPR, and PCI DSS, as these will likely come up during your interview.

✨Showcase Your Communication Skills

Since strong communication is crucial for this role, prepare to demonstrate how you've effectively communicated complex information in the past. Think of examples where you influenced decision-making or reported on risk management.

✨Prepare for Technical Questions

Expect questions related to Information Security risk management and compliance frameworks. Brush up on your knowledge of security testing methods and control effectiveness to confidently answer technical queries.

✨Demonstrate Your Passion for Information Security

Be ready to discuss recent trends or emerging threats in the field of Information Security. Showing that you are proactive about learning and staying updated can set you apart from other candidates.
