Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Drive governance, risk, and compliance activities in cyber security.
- Company: Join South West Water, a leader in the UK water sector.
- Benefits: Up to £36,000 salary, generous holidays, health benefits, and training opportunities.
- Why this job: Make a real impact on cyber security while supporting a greener future.
- Qualifications: Understanding of cyber security principles and experience in audits.
- Other info: Collaborative environment with excellent career growth and development.
The predicted salary is between 28800 - 43200 £ per year.
Powered by Water, Driven by Purpose. South West Water keeps the South West flowing with safe, reliable drinking water and wastewater services across some of the UK's most stunning landscapes. We are proud to be part of Pennon Group, a leader in the UK water sector, working towards a greener future.
Our goals? As well as lowering our carbon footprint, we are working with partners to plant 300,000 trees, restore peatlands and support farmers and landowners to improve water quality and wildlife. Whether you are starting out or seeking a new challenge, our scale and ambition create opportunities for you to shape your own career. Ready to make a splash? Join our team today.
Are you passionate about Cyber Security Governance, Risk Management and Compliance? We are seeking a proactive and knowledgeable Cyber Security GRC Analyst (up to £36,000 doe) to support and strengthen our organisation's security posture. In this role, you will help ensure ongoing compliance with key security standards, manage governance frameworks, and contribute to the resilience of our cyber environment.
About the Role: As a Cyber Security GRC Analyst, you will play a central role in driving our governance, risk, and compliance activities. Reporting to the Cyber Security Compliance Manager, you will support internal reviews, risk assessments, policy development, and ongoing compliance with frameworks such as ISO 27001 and NIS Regulations. You will collaborate across the business to ensure risks are effectively managed, controls are embedded, and our security standards remain robust and continually improved.
Key Responsibilities:
- Plan, conduct, and document internal ISO 27001 audits across all areas of the Information Security Management System (ISMS), ensuring all controls and processes are regularly reviewed for effectiveness and compliance.
- Evaluate the effectiveness of information security policies, procedures, and controls, and identify areas for improvement or non-compliance.
- Develop and maintain an annual audit schedule to ensure comprehensive coverage of ISO 27001 requirements and continual improvement of the ISMS.
- Conduct and document internal audits and assessments aligned to ISO 27001 and NIS Regulations.
- Contribute to the development and maintenance of cyber security policies, standards, and procedures.
- Assist in maintaining the IT Security risk register, including identifying, assessing, and monitoring.
- Work closely with business stakeholders to gather evidence, close audit findings, and track corrective actions.
- Support security assurance activities, including penetration tests, vulnerability scans, and third party reviews.
- Promote strong cyber security awareness and contribute to a positive security culture.
- Ensure third party suppliers meet contractual and regulatory security requirements.
- Maintain compliance with relevant legislation and industry standards.
- Monitor adherence and enforce policies to safeguard organisational data. Ensure that data protection practices meet legal, regulatory, and standards requirements.
Why Governance, Risk & Compliance Matters: Effective GRC practices are essential for safeguarding sensitive information, maintaining customer trust, and protecting the organisation from regulatory, operational, and reputational risks. Regular internal ISO 27001 audits not only ensure ongoing certification but also drive continual improvement and resilience in our information security practices.
What We're Looking For:
- Full UK driving licence.
- Strong understanding of cyber security principles, risks, and regulatory requirements.
- Familiarity with ISO 27001 or NIS or other cyber security standards and frameworks.
- Experience in conducting audits or assessments.
- Thrives in environments where clear governance, process adherence, and continual improvement are valued.
- Values the opportunity to help teams prepare for external audits or certifications.
- Excellent communication and relationship building skills.
- Excellent attention to detail.
- A collaborative, self-motivated approach with strong organisational abilities.
- Eligible for UK Government Security Clearance (SC).
Why You'll Love Working With Us: We know that the support and commitment of our staff is key to our success so you will receive the opportunity for ongoing development and training for a long-term career with us. In return, we offer an excellent range of benefits including:
- Annual salary of up to £36,000 depending upon experience.
- Generous holiday allowance plus bank holidays.
- A discretionary Bonus.
- Competitive Contributory Pension.
- Share-save Scheme.
- Various health benefits.
- Wellbeing support programmes.
- A range of Group Discounts.
- Cycle to Work Scheme.
- Financial support services.
- And plenty more!
GRC Analyst in Plymouth employer: South West Water
Contact Detail:
South West Water Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land GRC Analyst in Plymouth
✨Tip Number 1
Network like a pro! Reach out to current or former employees at South West Water on LinkedIn. A friendly chat can give you insider info and maybe even a referral, which can really boost your chances.
✨Tip Number 2
Prepare for the interview by brushing up on ISO 27001 and NIS Regulations. We want to see that you're not just familiar with these frameworks but can also discuss how you've applied them in real scenarios.
✨Tip Number 3
Show your passion for cyber security! During interviews, share examples of how you've contributed to improving security practices in previous roles. This will demonstrate your proactive approach and commitment to the field.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team at South West Water.
We think you need these skills to ace GRC Analyst in Plymouth
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the GRC Analyst role. Highlight your experience with cyber security principles, ISO 27001, and any relevant audits you've conducted. We want to see how your skills align with our goals!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to express your passion for cyber security and how you can contribute to our mission at South West Water. Be genuine and let your personality come through.
Showcase Your Attention to Detail: As a GRC Analyst, attention to detail is crucial. Make sure your application is free from typos and errors. We appreciate candidates who take the time to present their best work right from the start!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, you’ll find all the info you need about the role and our company there!
How to prepare for a job interview at South West Water
✨Know Your Standards
Familiarise yourself with ISO 27001 and NIS Regulations before the interview. Be ready to discuss how these frameworks apply to the role and share any relevant experiences you have in conducting audits or assessments.
✨Showcase Your Communication Skills
As a GRC Analyst, you'll need to collaborate with various stakeholders. Prepare examples of how you've effectively communicated complex information or built relationships in previous roles. This will demonstrate your ability to work well with others.
✨Prepare for Scenario Questions
Expect questions that assess your problem-solving skills in real-world situations. Think of scenarios where you've identified risks or improved compliance processes, and be ready to explain your thought process and outcomes.
✨Highlight Your Attention to Detail
In this role, attention to detail is crucial. Bring examples of how your meticulous nature has led to successful audits or compliance improvements. This will show that you understand the importance of thoroughness in governance and risk management.
