Security Governance Risk & Compliance Analyst (Bradford, GB) presso Yorkshire Water

Security Governance Risk & Compliance Analyst

Hello! Thanks for stopping by. Let us tell you about all the great reasons to join us here at Yorkshire Water:

• We offer a competitive salary, depending on experience (£36,538 – 45,673)
• Annual incentive related bonus (£1000 maximum bonus opportunity for the performance year)
• Attractive pension scheme (up to 12% company contribution)
• Development opportunities in line with the Security Governance Risk & Compliance Analyst progression plan
• 25 days annual leave plus bank holidays – plus an extra wellness day
• Life assurance cover of 4 times pensionable salary
• A great benefits package – choose from health cash plan scheme, critical illness insurance, dental insurance, life assurance flex and partner cover.
• Retail savings scheme
• Online GP service, cycle to work scheme, gym membership discounts and many more!

Location: Buttershaw / Hybrid Working (1-2 days in the office a week – Bradford)

Work type: 12-month fixed term contract. 37 hours per week, Monday – Friday.

We have an exciting opportunity for a Security Governance Risk &Compliance Analyst to join the IT team at Yorkshire Water and be a part of helping Yorkshire Water to provide the best service to our customers. Could this be you?

What we do:

Everyone has an idea of what a water company does. Here in Yorkshire, we make sure that over 5.4 million people living in the region and the millions of people who visit our region each year, can rely on our services, and have clean and safe drinking water on tap and that their wastewater is taken away. But for us, it’s so much more than this.

We look after communities, protect the environment, and plan to look after Yorkshire’s water, today, tomorrow 24/7, 365 days a year. We provide essential water and wastewater services to every corner of the Yorkshire region, and play a key role in the region’s health, wellbeing, and prosperity.

New environmental legislation, unprecedented levels of investment and changing expectations from customers means that this is an exciting time to discover opportunities within the water industry. The IT function is a key part of how we plan to meet the changing expectations of customers and regulators.

Join our Technology & Security team as a Security Governance, Risk & Compliance (GRC) Analyst. You’ll help shape and maintain Yorkshire Water’s security policies and standards, ensuring alignment with industry best practices.

In this role, you’ll support risk assessments, audits, and compliance reviews, while advising teams across the business on security for systems, networks, and suppliers. You’ll play a key part in protecting our organisation through strong governance and proactive risk management.

Where you fit in:

As our Security Governance Risk & Compliance Analyst you will:

• Support junior and apprentice analysts within the GRC team
• Promote the value of risk, regulation, and compliance at senior levels
• Drive adoption of security best practices and culture across the organisation
• Stay current with GRC trends, standards, and best practices
• Assist in managing the Security GRC Framework
• Collaborate with stakeholders, auditors, and vendors
• Support compliance activities (CAF, SEMD, PCI DSS, ISO27001)
• Monitor and report on security compliance and incidents
• Conduct controls testing and coordinate audit findings
• Advise on compliance matters and manage policy exemptions
• Liaise with Data Protection team on GDPR breaches
• Conduct risk assessments and maintain risk registers
• Provide risk advice and support proportionate decision-making
• Integrate risk management into business processes
• Develop and maintain security policies, standards, and procedures
• Test and assure policy compliance
• Support investigations and coordinate stakeholder engagement
• Ensure legal and data privacy compliance during incidents
• Engage with government agencies and industry bodies
• Participate in forums (e.g. DWI, NCSC, Local Resilience Forums)
• Contribute to GRC metrics, KPIs, KRIs, and reporting
• Align work with business priorities and challenge inefficiencies
• Take ownership of customer issues and act on feedback
• Make informed decisions through collaboration and analysis
• Focus on key priorities and drive continuous improvement
• Build strong working relationships and support team goals
• Show resilience, adaptability, and a proactive mindset
• Communicate clearly and influence positively
• Seek and act on feedback to improve performance

What skills & qualifications you will need:

• Track record of delivering successful IS initiatives
• Knowledge of Cyber Kill Chain, MITRE ATT&CK/DEFEND, and other security frameworks
• Solid understanding of cyber security, including Cyber Essentials and social engineering
• Awareness of current IS technologies, threats, and vulnerabilities
• Familiarity with ISO 27001, PCI DSS, and ITIL frameworks
• Hands-on experience with risk management tools and processes
• Skilled at translating business needs into security solutions
• Experience developing and maintaining IS policies and standards
• Eligible for UK Government Security Clearance
• Proven ability to lead people, processes, and technology effectively
• Strong influencing and negotiation skills; able to motivate others
• Experience driving cultural and behavioural change

You will also benefit from having:

• Recognised IS qualification (e.g. CISSP, CISM) or relevant degree/experience in Information Security
• Experience in operational or strategic leadership within commercial or regulated environments
• Skilled in managing information security incidents and investigations
• Good understanding of GDPR and data protection principles
• Experience working with legal, audit, and compliance teams
• Hands-on experience conducting IS compliance reviews and audits
• Strong negotiation and third-party management skills

Although we operate 24 hours a day, 365 days a year, it’s important to us that we support flexible working patterns and job share options (when we can), to help you make the best of both your work and home life. We know that juggling childcare responsibilities or getting that ideal work/life balance isn’t always easy!

Do we sound like your cup of tea?  

If you’ve got experience in Security Governance and want to help us deliver great service for our customers whilst looking after the environment, then be sure to apply today to find out what a career with Yorkshire Water can offer you.  

If successful for the role, you will be required to undergo pre-employment checks that will include a Basic Disclosure Check, carried out through a Third-Party Company, prior to commencing employment. Depending on the role, you may also be required to go through the security vetting process for either a Counter Terrorist Check or Security Check clearance.

All our roles are subject to a medical questionnaire, and further medicals when required.

We are committed to removing barriers and ensuring our recruitment process is accessible to everyone. We offer a range of adjustments to make your application experience as comfortable and straightforward as possible.

If you have an accessibility need, disability, or condition that requires changes to the recruitment process, please include this information in your application. We will then discuss any reasonable adjustments required.

Kelda Group reserve the right to close this position before the published closing date, should the need occur. We therefore advise that you complete and submit your application as soon as possible.

Closing Date - 15th September 2025

No agencies please.