Information Security Compliance Analyst

Full-Time | £40,000 - £50,000 / year (est.) | No home office possible
Evelyn Partners

At a Glance

  • Tasks: Manage information security risks and ensure compliance with key standards like ISO 27001.
  • Company: Join a leading firm in Liverpool focused on enhancing information security.
  • Benefits: Enjoy private medical insurance, life assurance, and a generous holiday package.
  • Other info: Dynamic role with opportunities for professional growth and development.
  • Why this job: Make a real impact on security practices while collaborating with industry experts.
  • Qualifications: 3+ years in information security, with experience in governance, risk, and compliance.

The predicted salary is between £40,000 and £50,000 per year.

We’re seeking a talented individual to join our team in Liverpool, which is responsible for the execution of day-to-day information security risk management activities and the enhancement of the overall effectiveness and efficiency of the information security risk management capabilities across the Evelyn Partners Enterprise. You will play a crucial role in ensuring our organisation's compliance with information security standards and frameworks, particularly Cyber Essentials, ISO 27001 and NIST Cybersecurity Framework (CSF) v2.

Your responsibilities will include, among others:

  • Define, develop, and maintain security best practice by implementing technical standards, policies, and processes, and providing expert advice to stakeholders to ensure regulatory and legal compliance.
  • Drive continuous improvement of the security posture through internal and external cybersecurity collaboration, actively contributing to industry and partner engagements.
  • Prepare and present clear, actionable security reports, including risk metrics, trends, findings, and ratings, to inform decision‑making by senior stakeholders.
  • Lead information security risk management activities, including risk assessments, control reviews, residual risk evaluation, and recommending mitigating actions; maintain and manage the security risk register.
  • Identify and assess emerging and existing information security risks using internal sources (e.g. audits, penetration tests) and external intelligence (e.g. threat feeds, industry advisories), ensuring risks to confidentiality, integrity, and availability are effectively managed.
  • Support compliance and engagement initiatives by managing ISMS activities, audits, certifications (e.g. ISO 27001, Cyber Essentials, NIST CSF), and working closely with internal teams and security partners to embed a strong, risk‑aware security culture.

Qualifications

To be successful in this role, you should have:

  • A minimum of 3 years' experience in an Information Security based role, dealing specifically with governance, risk and compliance areas and undertaking information security in both a waterfall and an agile context.
  • Prior experience writing Information Security related Policies, Processes and Procedures.
  • Experience managing internal and third-party vendor risk assessments and writing risk assessment reports.
  • A track record of effectively analysing security controls, while understanding the risk of certain controls not being in place.
  • The ability to effectively communicate security risks and impact to various business (often non-technical) stakeholders while working proactively, pragmatically and collaboratively in a fast‑paced working environment, balancing multiple concurrent activities.
  • Experience in using standards such as ISO 27001 (Implementation, Compliance, Certification, and audit reviews), NIST CSF, and Cyber Essentials.
  • Degree or equivalent in Information Technology or Risk Management is preferred.
  • Certification in Information Security domains is preferred, especially around ISO 27001.
  • Certification in cloud architectures is advantageous, especially Microsoft Azure.

Benefits

  • Private medical insurance
  • Life assurance
  • Pension contribution
  • Generous holiday package
  • Option to purchase additional holiday
  • Shared parental leave

Information Security Compliance Analyst employer: Evelyn Partners

Evelyn Partners is an exceptional employer located in Liverpool, offering a dynamic work environment that fosters collaboration and innovation in the field of information security. With a strong commitment to employee growth, we provide comprehensive benefits including private medical insurance, life assurance, and a generous holiday package, ensuring our team members feel valued and supported. Join us to be part of a culture that prioritises continuous improvement and compliance, while making a meaningful impact on our organisation's security posture.

Contact Detail:

Evelyn Partners Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land the Information Security Compliance Analyst role

✨Tip Number 1

Network like a pro! Reach out to folks in the industry on LinkedIn or at local meetups. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.

✨Tip Number 2

Prepare for interviews by brushing up on your knowledge of Cyber Essentials, ISO 27001, and NIST CSF. We recommend creating a cheat sheet with key points and examples from your experience to showcase your expertise during the chat.

✨Tip Number 3

Don’t forget to follow up after interviews! A quick thank-you email can go a long way in keeping you top of mind. We suggest mentioning something specific from the interview to show you were engaged and interested.

✨Tip Number 4

Apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!

We think you need these skills to ace the Information Security Compliance Analyst role

Information Security Risk Management
Cyber Essentials
ISO 27001
NIST Cybersecurity Framework (CSF) v2
Technical Standards Implementation
Policy Development
Risk Assessment
Control Reviews
Security Reporting
Vendor Risk Management
Communication Skills
Collaboration
Agile Methodologies
Waterfall Methodologies
Cloud Architectures (Microsoft Azure)

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Information Security Compliance Analyst role. Highlight your experience with governance, risk, and compliance, and don’t forget to mention any relevant certifications like ISO 27001 or NIST CSF.

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about information security and how your skills align with our needs. Be specific about your experience in writing policies and managing risk assessments.

Showcase Your Communication Skills: Since you'll be communicating with non-technical stakeholders, make sure to demonstrate your ability to convey complex security concepts in simple terms. This will show us that you can bridge the gap between technical and business teams.

Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It’s the easiest way for us to keep track of your application and ensure it reaches the right people!

How to prepare for a job interview at Evelyn Partners

✨Know Your Standards

Familiarise yourself with Cyber Essentials, ISO 27001, and the NIST Cybersecurity Framework. Be ready to discuss how you've applied these standards in your previous roles, as this will show your understanding of compliance and risk management.

✨Showcase Your Experience

Prepare specific examples from your past work that highlight your experience in governance, risk, and compliance. Discuss any policies or procedures you've developed and how they improved security posture, as this will demonstrate your hands-on expertise.

✨Communicate Clearly

Practice explaining complex security concepts in simple terms. You’ll likely need to present findings to non-technical stakeholders, so being able to convey risks and impacts clearly is crucial for success in this role.

✨Engage with the Team

Research the company culture and be prepared to discuss how you can contribute to a strong, risk-aware security culture. Show enthusiasm for collaboration and continuous improvement, as these are key aspects of the role.
