Senior Information Security & Compliance Analyst

Full-Time 45000 - 55000 £ / year (est.) Home office (partial)
MWH Treatment Limited

At a Glance

  • Tasks: Support governance and improvement of information security and data protection processes.
  • Company: Join a leading organisation focused on critical national infrastructure.
  • Benefits: Hybrid working, competitive salary, and opportunities for professional growth.
  • Other info: Be part of a dynamic team working towards ISO 27001 certification.
  • Why this job: Make a real impact in security and compliance while working with diverse stakeholders.
  • Qualifications: Experience in information security or data privacy is preferred.

The predicted salary is between 45000 - 55000 £ per year.

We are looking to strengthen the MWH Business Systems team with a Senior Information Security & Compliance Analyst based at the Hattersley office with hybrid working available. The Senior Information Security & Compliance Analyst supports the effective governance, operation, and continuous improvement of the organisation’s information security and data protection processes. You will act as the second‑in‑command to the Information Security & Compliance Manager, providing hands‑on support for day‑to‑day compliance activities, incident response, risk management, and stakeholder engagement.

The role ensures resilience and consistency in the organisation’s security and privacy controls, particularly during periods of increased workload or officer absence. Working within the MWH Treatment Business Systems team, this role is central to the security and governance of the business. You will be a key point of contact for MWH staff, clients, suppliers and other RSK group companies relating to information security and data protection matters.

You will work alongside the internal Cyber Security team and external consultants to assess risks to MWH Treatment, develop mitigation strategies and implement controls. You will help assess new software for security risks, contractual risks in the vendor’s terms and conditions, and ensure privacy controls are in place. You will be part of the MWH Business Continuity team, helping with security incident response planning, incident management and investigation. You will work with all parts of the business, service providers, external consultants, clients, JV partners, RSK Group companies and our supply chain partners.

MWH Treatment are working towards attaining ISO 27001 certification. You will play a significant role in working with stakeholders and risk owners to define and document controls, coordinate progress, track issues and monitor compliance. MWH work in a regulated environment for owners of Critical National Infrastructure. Part of your role will be to help answer InfoSec, CyberSec and Privacy questions, draft technical responses for tenders, work with external and internal auditors, insurers and regulators.

A working knowledge of the Data Protection Act 2018, UK-GDPR and associated legislation is desirable for this role. Knowledge of ISO27001, Data Loss Prevention (DLP) strategies and records retention would be an advantage. Some knowledge of basic cyber security techniques will also be helpful. It should be noted that this is a strategic and governance role, not a technical cyber security role.

DPO Responsibilities
  • Deputise for the company DPO
  • Be a point of contact, providing day to day advice, training and guidance to the business
  • Help develop policy and guidance
  • Support operational decision making with privacy input
  • Maintain Records of Processing Activities (RoPA)
  • Work with the HR team to manage or quality check DSAR responses
  • Help coordinate searches and redactions
  • Investigate privacy complaints
  • Ensure statutory deadlines are met

Experience

Some experience in or an understanding of information security, data privacy, IT governance, or a related technical/analytical role. Experience supporting audits, security operations, or compliance programmes would be beneficial. Experience working in a technology driven or data sensitive environment preferred. Understanding of cloud security, IT operations, and system administration (advantageous but not essential).

Qualifications

Certifications desirable but not essential: ISO27001 Internal Auditor, CompTIA Security+, CISM/CIPM/CIPP (working towards accepted). Technical: foundational understanding of information security frameworks such as ISO27001, NIST, or CIS Controls; knowledge of UK GDPR, DPA 2018, and data handling best practices; familiarity with risk management, incident response processes, vulnerability management, and access control principles.

Behavioral

Strong communication skills; high attention to detail and excellent organisational skills; ability to manage competing priorities and work independently when required; proactive, analytical, and committed to continuous improvement; high integrity and a strong sense of confidentiality.

Senior Information Security & Compliance Analyst employer: MWH Treatment Limited

MWH Treatment is an exceptional employer, offering a dynamic work environment at our Hattersley office with the flexibility of hybrid working. We prioritise employee growth through continuous improvement initiatives and provide opportunities to engage with key stakeholders across the organisation, ensuring that you play a vital role in enhancing our information security and compliance processes. Join us to be part of a supportive team that values integrity, collaboration, and professional development in a regulated environment critical to national infrastructure.

Contact Details:

MWH Treatment Limited Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Senior Information Security & Compliance Analyst

Join Compliance Communities

Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!

Attend Industry Conferences

Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.

Leverage Your University Career Services

If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.

Showcase Your Knowledge Online

Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like MWH Treatment Limited looking for candidates who are engaged and informed.

We think you need these skills to ace Senior Information Security & Compliance Analyst

Information Security Governance
Data Protection
Risk Management
Incident Response
Stakeholder Engagement
ISO 27001
Data Loss Prevention (DLP)

Some tips for your application 🫡

Show Your Understanding of Compliance: In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!

Quantify Your Achievements: When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.

Tailor Your CV to Reflect Relevant Skills: Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!

Craft a Motivating Cover Letter: In your cover letter, let us know why you’re excited about the compliance-risk role at MWH Treatment Limited. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!

How to prepare for a job interview at MWH Treatment Limited

Master the Regulations

Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!

Show Your Analytical Skills

Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. Be ready to demonstrate how you approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!

Know Your Tools

Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!

Align with Company Culture

Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with MWH Treatment Limited’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!