At a Glance
- Tasks: Lead security compliance and certification activities for Cyber Essentials and ISO 27001.
- Company: Dynamic software and IT services company focused on cybersecurity.
- Benefits: Hybrid working, strong career progression, and a chance to shape security compliance.
- Other info: Join a growing team with opportunities for advancement into senior roles.
- Why this job: Make a real impact in cybersecurity while growing your career in a tech-savvy environment.
- Qualifications: Experience with Cyber Essentials and understanding of information security frameworks.
The predicted salary is between 40000 - 50000 € per year.
A leading software and IT services company is seeking a Security Compliance Officer with experience in Cyber Essentials and/or Cyber Essentials Plus to take ownership of security compliance and certification activities across both internal systems and client environments. This is a key hire within a growing technical organisation where cybersecurity assurance, governance, and compliance are increasingly central to customer delivery and commercial growth.
Key Responsibilities
- Lead and manage Cyber Essentials and Cyber Essentials Plus (CE+) assessments and certification activities
- Maintain and improve compliance with key frameworks including ISO 27001, GDPR, and internal security policies
- Conduct internal security audits, control reviews, and risk assessments
- Support evidence collection and audit readiness across technical teams
- Work closely with IT support, DevOps, and engineering teams to ensure security controls are implemented and maintained
- Handle client-facing security questionnaires and compliance requirements
- Assist in improving the organisation's overall security posture and governance framework
Required Experience
- Experience working with Cyber Essentials and/or Cyber Essentials Plus frameworks and assessments
- Strong understanding of Cyber Essentials / Cyber Essentials Plus requirements
- Experience in information security, compliance, GRC, or IT security roles
- Familiarity with ISO 27001 or similar security frameworks
- Experience working with technical teams (MSP, software, or IT environments preferred)
Desirable
- IASME Cyber Essentials Assessor/Auditor qualification
- ISO 27001 Lead Auditor or Implementation experience
- CISSP, CISM, CISA, or equivalent certifications
- Experience within MSP, SaaS, or software delivery environments
- Exposure to client-facing compliance or consultancy work
What's on Offer
- Hybrid working (Essex-based office with flexibility)
- Opportunity to own and shape security compliance in a growing technical business
- Exposure to both internal security operations and external client compliance requirements
- Strong career progression into GRC, Security Manager, or Head of Compliance roles
Cyber Security Analyst employer: Nextech
Join a leading software and IT services company in Colchester, where you will play a pivotal role as a Cyber Security Analyst, driving security compliance and certification activities. With a strong emphasis on employee growth, you will benefit from hybrid working arrangements, the opportunity to shape security practices, and clear pathways for career advancement into senior roles within governance, risk, and compliance. Our collaborative work culture fosters innovation and ensures that your contributions are valued in a dynamic environment focused on cybersecurity excellence.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Analyst
✨Tip Number 1
Network like a pro! Reach out to folks in the cybersecurity field on LinkedIn or at local meetups. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Prepare for interviews by brushing up on your knowledge of Cyber Essentials and ISO 27001. We recommend doing mock interviews with friends or using online platforms to get comfortable discussing your experience and how it relates to the role.
✨Tip Number 3
Showcase your skills through practical examples. When you get the chance to chat with potential employers, share specific instances where you’ve successfully managed compliance or improved security posture. We love hearing about real-world applications!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we’re always on the lookout for passionate candidates who want to make a difference in cybersecurity.
We think you need these skills to ace Cyber Security Analyst
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience with Cyber Essentials and any relevant frameworks like ISO 27001. We want to see how your skills match the job description, so don’t be shy about showcasing your achievements!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about cybersecurity and how your background makes you a perfect fit for our team. Keep it engaging and personal – we love to see your personality!
Showcase Relevant Experience:When filling out your application, focus on your experience with compliance and security audits. Mention specific projects or roles where you’ve led assessments or improved security postures. We’re looking for real-world examples that demonstrate your expertise!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us you’re genuinely interested in joining our team at StudySmarter!
How to prepare for a job interview at Nextech
✨Know Your Cyber Essentials Inside Out
Make sure you’re well-versed in the Cyber Essentials and Cyber Essentials Plus frameworks. Brush up on their requirements and be ready to discuss how you've applied them in past roles. This will show your potential employer that you’re not just familiar with the concepts, but that you can actively contribute to their compliance efforts.
✨Showcase Your Audit Experience
Prepare to talk about your experience with internal security audits and risk assessments. Have specific examples ready that demonstrate how you’ve identified vulnerabilities and improved security measures. This will highlight your proactive approach to maintaining compliance and enhancing security posture.
✨Familiarise Yourself with ISO 27001
Since familiarity with ISO 27001 is a plus, take some time to understand its principles and how they relate to Cyber Essentials. Be prepared to discuss how you’ve worked with this framework or similar ones in the past, as it shows your ability to navigate complex compliance landscapes.
✨Engage with Technical Teams
Highlight your experience working with IT support, DevOps, and engineering teams. Discuss how you’ve collaborated with these groups to implement security controls. This will demonstrate your ability to work cross-functionally and ensure that security measures are integrated into all aspects of the organisation.
