Governance, Risk & Compliance Analyst in Manchester

Governance, Risk & Compliance Analyst in Manchester

Manchester Full-Time 40000 - 50000 £ / year (est.) No working from home possible
T

At a Glance

  • Tasks: Design and improve security processes to protect the University’s digital assets.
  • Company: Join Manchester Metropolitan University, a leader in innovation and inclusivity.
  • Benefits: Flexible working, professional development, and a diverse, supportive environment.
  • Other info: Inclusive culture with opportunities for growth and mentorship.
  • Why this job: Make a real impact on security while shaping the future of education.
  • Qualifications: Experience in security frameworks and strong stakeholder engagement skills.

The predicted salary is between 40000 - 50000 £ per year.

About The Directorate

As IT&D, we help to create the University of the future by co‑designing new ways of working, enhancing productivity, reducing complexity, supporting innovation, and providing the insights to drive continual improvement. Embracing a digital future in an evolving modern university, you will be working in partnership with our academic and Professional Services colleagues to deliver digital services that help the University achieve its strategic objectives in teaching and research, nationally & globally.

About The Department

IT & Digital (ITD) plays a central role in delivering high‑quality, responsive, and secure services that support our staff and students. Our work directly shapes the learning and professional experience across the University.

About The Team

As part of the Information Security team, you will join a growing function focused on strengthening governance, risk, compliance, and operational security across the University. The team works closely with IT, Cyber Security, and business stakeholders to embed practical, effective security controls. We operate a hybrid working model, with time on campus to support collaboration and engagement.

About The Role

As a Governance, Risk and Compliance Analyst, you will play a key role in designing, embedding, and continuously improving the University’s operational security controls and processes. You will act as a bridge between security strategy and day‑to‑day operations, ensuring that security policies, controls, and compliance activities are practical, effective, and aligned to regulatory and sector expectations. You will influence how security is implemented across systems, services, and suppliers, helping to strengthen the University’s overall security posture. You will report to the Head of Information Security – Governance, Risk and Compliance and work closely with colleagues across IT, Cyber Security, and business areas to ensure security is embedded into everything we do.

Key Responsibilities

  • Develop and maintain operational security architectures aligned to best practice (e.g., NCSC, UCISA).
  • Ensure compliance with regulatory and legal requirements (e.g., GDPR, Data Protection Act, PCI‑DSS).
  • Design and implement security processes across identity, access control, vulnerability management, and incident response.
  • Lead internal audits and support external assurance activities (e.g., Cyber Essentials).
  • Identify control weaknesses and drive remediation with IT and stakeholders.
  • Develop and maintain security policies, standards, and guidance across the organisation.
  • Conduct risk assessments and maintain the information security risk register.
  • Support third‑party assurance and supplier security risk management.
  • Investigate incidents and identify opportunities to improve controls and resilience.
  • Deliver security awareness training and promote a strong security culture.
  • Provide expert advice to projects, governance forums, and operational teams on security matters.

Key Skills

  • Strong operational security experience across architecture, compliance, and control design.
  • Excellent understanding of security frameworks (e.g., NIST CSF, CIS Controls, ISO 27001).
  • Knowledge of cloud and on‑premises security controls and architectures.
  • Experience of audit, compliance, and risk assessment activities.
  • Strong stakeholder engagement skills, able to influence both technical and non‑technical audiences.
  • Ability to translate complex security concepts into clear, practical guidance.
  • Professional security certification (e.g., CISSP, CISM, ISO 27001, CCSP, CRISC) or equivalent experience.

Equal Opportunity Statement

Manchester Metropolitan University fosters an inclusive culture of belonging that promotes equity and celebrates diversity. We value a diverse workforce for the innovation and diversity of thought it brings and welcome applications from all local and international communities, including Black, Asian, and Minority Ethnic backgrounds, disabled people, and LGBTQ+ individuals. We support a range of flexible working arrangements, including hybrid and tailored schedules, which can be discussed with your line manager. If you require reasonable adjustments during the recruitment process or in your role, please let us know so we can provide appropriate support. Our commitment to inclusivity includes mentoring programmes, accessibility resources, and professional development opportunities to empower and support underrepresented groups.
Manchester Met is a Disability Confident Leader and, under this scheme, aims to offer an interview to disabled people who apply for the role and meet the essential criteria as listed in the attached Job Description for that vacancy.

#J-18808-Ljbffr
T

Contact Details:

The Manchester Metropolitan University Recruitment Team

We think you need these skills to ace Governance, Risk & Compliance Analyst in Manchester

Operational Security Experience
Security Frameworks Understanding
Cloud Security Controls Knowledge
On-Premises Security Architectures Knowledge
Audit and Compliance Experience
Risk Assessment Activities
Stakeholder Engagement Skills