Compliance and Monitoring Analyst (Infrastructure Security)

Location: Glasgow – hybrid working (2-3 days in the office)

Salary: £48-60K (plus up to 10% bonus and private healthcare cover)

Permanent, Full Time

Help us create a better future, quicker. We are seeking an experienced Compliance and Monitoring Analyst to support the design, implementation and ongoing assurance of infrastructure security controls across critical technology platforms and services. This role plays a key part in ensuring that security controls operate effectively, align with secure by design principles, and meet both regulatory and internal assurance requirements within a regulated environment.

What you’ll be doing

• You will work closely with teams across Cyber Security, Infrastructure, Platforms, Operations and Cloud to help embed security controls into technology solutions.
• Through continuous monitoring, evidence gathering and reporting, you will provide clear assurance that infrastructure environments remain compliant and resilient.
• The role involves supporting the implementation and assurance of security controls across both on‐premise and cloud environments.
• You will review designs and technology changes against secure by design principles, assess control coverage, and validate that security requirements are correctly implemented and maintained.
• Working alongside security architects and infrastructure teams, you will contribute to initiatives from early discovery through to live service, ensuring that security and compliance considerations are built in from the outset and translated into practical, operable controls.
• You will carry out control assessments, risk reviews and gap analysis against recognised frameworks and internal standards, supporting remediation where improvements are needed.
• This includes tracking issues, working with action owners, and providing confidence that controls have been effectively implemented.
• You will also contribute to the development and maintenance of infrastructure security documentation, including standards, procedures, control descriptions and audit-ready evidence packs.
• Apart from project activity, you will support ongoing monitoring and assurance across infrastructure platforms such as networks, servers, endpoints and cloud services.
• This includes reviewing security metrics, control effectiveness indicators and exception reports, as well as supporting vulnerability management, configuration compliance activities, and post-incident reviews from a control and compliance perspective.
• You will assist with internal and external audits, regulatory reviews and risk assessments by preparing evidence, responding to queries and supporting control walkthroughs.

What you’ll bring

The role offers the opportunity to work collaboratively with UK and global stakeholders to promote consistent application of infrastructure security controls and to contribute to continual improvement of assurance processes. You will further develop your expertise in infrastructure security, risk management and compliance within a complex enterprise environment, while strengthening stakeholder engagement skills and contributing to knowledge sharing across security and technology teams. We are looking for someone with experience in a security compliance, assurance or monitoring role within a regulated industry, and a strong understanding of infrastructure security controls and secure by design principles. You will be comfortable working with technical teams, able to interpret infrastructure designs and configurations, and confident translating these into clear risk and compliance insights for both technical and non-technical audiences. Experience working within project environments, including Agile or hybrid delivery models, is desirable.

What’s in it for you

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we’ll double match your contribution up to a company contribution of 10%. At ScottishPower, we believe it’s the little things we do in life that make a big difference. From helping you look after your family’s wellbeing, save for your future and take personal steps for climate action – our benefits are designed to help you do just that - so that you have everything you need to take care of your world – today and tomorrow.

• 36 days annual leave
• Holiday purchase – perfect your work/life balance with extra annual leave
• Share Incentive Plan and Sharesave Scheme
• Payroll giving and charity matched funding
• Technology Vouchers – save more and spread the cost of your technology purchases
• Count us in – pledge to reduce carbon emissions and help fight climate change
• Electric Vehicle Schemes – to help you transition to green/clean driving
• Cycle to Work scheme and public transport season ticket loans
• Options to purchase dental insurance, private medical insurance, health cash plan and annual health assessments
• Life Assurance (4x salary)
• Access to ‘nudge’ financial wellbeing support
• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why ScottishPower

ScottishPower is part of the Iberdrola Group, one of the world’s largest integrated utility companies and a world leader in wind energy. With a commitment to generate all of our energy from renewable resources and a drive to create the energy infrastructure of the future, we’re at the forefront of the journey to Net Zero and investing over £6m every working day to make this happen. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you’ll fit right in.

ScottishPower is committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to careers@scottishpower.com.