Security Risk Analyst

Full-Time 70000 - 90000 £ / year (est.) No working from home possible
Arqiva

At a Glance

  • Tasks: Lead security risk assessments and enhance compliance across the organisation.
  • Company: Join Arqiva, a leader in connectivity and media solutions.
  • Benefits: Flexible hybrid working, generous pension, wellbeing programmes, and learning opportunities.
  • Other info: Supportive culture with active networks and commitment to diversity and inclusion.
  • Why this job: Make a real impact on security governance while growing your career.
  • Qualifications: Degree in Cyber Security or related field; experience in risk management preferred.

The predicted salary is between 70000 - 90000 £ per year.

Supports and strengthens Arqiva's governance, risk and compliance (GRC) capabilities by performing security risk assessments, supporting compliance activities, and helping ensure security policies and controls are effectively embedded across the organisation. Operates as an experienced senior-level analyst within the GRC function, providing guidance, conducting complex assessments, and contributing to the organisation's overall security maturity. We operate a flexible hybrid working environment with a requirement to travel to either our Winchester or London office up to twice a week.

Accountabilities:

  • Lead and perform security risk assessments for internal systems, business processes, and projects.
  • Identify, document, and analyse risks, recommending suitable mitigation actions.
  • Review and challenge risk findings raised by internal teams and auditors.
  • Support remediation planning and track follow-up activities with stakeholders.
  • Conduct or support compliance checks, security assessments, and control testing.
  • Ensure alignment with regulatory and standards-based requirements (e.g. GDPR, ISO 27001).
  • Participate in internal and external audits by preparing evidence, coordinating responses, and ensuring remediation actions are completed.
  • Contribute to the development, maintenance, and lifecycle management of security policies, standards, and procedures.
  • Provide informed risk, governance and compliance guidance to teams across the organisation.
  • Ensure governance documentation remains accurate and aligned with evolving business needs.
  • Identify opportunities to enhance risk management, governance processes, and compliance workflows.
  • Support the rollout and adoption of GRC tools, frameworks, or methodologies.
  • Integrate lessons learned from incidents, audits, and assessments into updated processes and documentation.
  • Work closely with cross-functional teams to support risk-based decision making.
  • Contribute to the design and delivery of security awareness and training materials.
  • Act as a knowledgeable point of contact for GRC-related queries.
  • Support wider GRC activities as required, aligned to the E10 level of responsibility.

Skills:

  • Strong understanding of cyber security principles and practices.
  • Good knowledge of risk management methods and the ability to assess and interpret security risks.
  • Solid understanding of governance and compliance frameworks (e.g. ISO 27001, GDPR).
  • Excellent analytical and problem-solving skills.
  • Able to communicate technical risk clearly to both technical and non-technical audiences.
  • Ability to work both independently and collaboratively across teams.
  • Strong stakeholder and relationship management skills.

Experience:

  • Experience in cyber security, information security, governance, risk, or compliance.
  • Good understanding of security standards and industry best practices.
  • Experience contributing to audits, compliance checks, and risk assessments.
  • Ability to apply governance and compliance requirements in a practical business context.

Qualifications:

  • Degree or equivalent experience in Cyber Security, Information Systems, Computer Science, or similar.
  • Certifications such as CISSP, CISM, or CRISC are beneficial but not essential.

Please note that the successful candidate will be required to successfully undergo UK Security Clearance and must have been resident within the UK for at least five years.

At Arqiva, we're committed to building a workplace where everyone feels valued, heard, and empowered to succeed. We welcome applications from all backgrounds and experiences and we work hard to remove barriers so every colleague can thrive.

Security Risk Analyst employer: Arqiva

Arqiva is an exceptional employer that prioritises a flexible and hybrid working culture, allowing employees to balance their professional and personal lives effectively. With a strong commitment to employee wellbeing, generous pension schemes, and numerous learning opportunities, Arqiva fosters a supportive environment where individuals can thrive and grow in their careers. The company's dedication to diversity and inclusion ensures that every team member feels valued and empowered, making it a truly rewarding place to work.

Contact Details:

Arqiva Recruitment Team

We think you need these skills to ace the Security Risk Analyst role

Security Risk Assessment
Risk Management
Governance and Compliance Frameworks
ISO 27001
GDPR
Analytical Skills
Problem-Solving Skills