Cambridge University Press & Assessment
Cambridge, Cambridgeshire
Job Title: Security Governance Analyst Salary: £29,700 - £38,500 Location: Cambridge / Hybrid with 2 days a week in office Contract: Permanent Hours: Full time 35 hours per week Joining us as a Security Governance Analyst offers the opportunity to contribute directly to strengthening our security governance, ensuring our organisation continues to deliver responsibly, securely, and effectively. We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge. About the role This role supports the development and oversight of security governance practices across the organisation. You will maintain security documentation, support internal and external audits, contribute to supplier assurance processes, and provide essential security governance support to the wider Group Security team. Your work will help ensure compliance, strengthen our ISMS, and uphold high security standards. Additional responsibilities include: Supporting the development and documentation of security policies and guidelines. Assisting with ISO 27001 and Cyber Essentials audit preparation and evidence collation. Maintaining supplier assurance tools and conducting supplier security assessments. Monitoring compliance and contributing to relevant governance reporting. Supporting risk management processes, including maintaining risk registers. Providing administrative support to the Group Security team, including processing POs and maintaining the Security Connect page. This position has been classified as a hybrid role, requiring the selected candidate to typically spend 40-60% of their time collaborating and connecting face-to-face at their dedicated location. Aside from our hybrid principles, other flexible working requests will be considered from the first day of employment, including other work arrangements should you require adjustments due to a disability or long-term health condition.
About You You will bring: A minimum of 2 years' experience or demonstrated capability in information security governance, risk, or compliance. Working knowledge of ISMS frameworks such as ISO 27001 and Cyber Essentials. Familiarity with supply chain and third-party security management. Knowledge of security threats and mitigation strategies. Strong organisational, communication, and stakeholder engagement skills. If you meet the above minimum requirements, we encourage you to apply. Your application will be even stronger if you can also demonstrate the following desirable criteria: ISO 27001 Foundation or Information Security Fundamentals certification. 27001 Lead Auditor certification (or willingness to work towards it). Experience delivering security awareness programmes. Experience working with security risk frameworks. For a detailed job description, please refer to the link at the bottom of the advert on our careers site. We are a Disability Confident (DC) employer that is committed to equality and inclusion ensuring our recruitment process is accessible to all. The DC scheme's Offer of an Interview commitment applies to applicants who opt in, and disclose a disability or a long-term health condition, and best meet the minimum criteria for the role. In instances where interviewing all qualifying candidates is not practicable, we prioritise those who best meet the minimum criteria, as we would for applicants who do not have a disability or long-term health condition. Please note, Cambridge University Press & Assessment is unable to sponsor this role under the Skilled Worker Visa route as it does not meet the minimum skill requirements. Rewards and benefits We will support you to be at your best in work and to live well outside of it. 
In addition to competitive salaries, we offer a world-class, flexible rewards package, featuring family-friendly and planet-friendly benefits including: 28 days annual leave plus bank holidays; Private medical and Permanent Health Insurance; Discretionary annual bonus; Group personal pension scheme; Life assurance up to 4 x annual salary; Green travel schemes. Ready to pursue your potential? Apply now. We aim to support candidates by making our interview process clear and transparent. The closing date for all applications will be 17th April 2026. We will review applications on an ongoing basis, and shortlisted candidates can expect interviews to take place shortly after it closes. If you are shortlisted and progressed through the stages, you can expect: First stage virtual interview via MS Teams. Final stage interview: in-person at our offices in Cambridge. If you require any reasonable adjustments during the recruitment process due to a disability or a long-term health condition, there will be an opportunity for you to inform us via the online application form. We will do our best to accommodate your needs. Please note that successful applicants will be subject to satisfactory background checks including DBS due to working in a regulated industry. We are committed to an equitable recruitment process. As such, applications must be submitted via our official online application procedure. Please refrain from sending your CV directly to our recruiters. If you experience technical difficulties or require additional support with submitting your online application, contact the Recruiter. Why join us Joining us is your opportunity to pursue potential. You will belong to a collaborative team that is exploring new and better ways to serve students, teachers and researchers across the globe - for the benefit of individuals, society and the world.
Sharing our mission will inspire your own growth, development and progress, in an environment which embraces difference, change and aspiration. Cambridge University Press & Assessment is committed to being a place where anyone can enjoy a successful career, where it is safe to speak up, and where we learn continuously to improve together. We welcome applications from all candidates, regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background. We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively seeking to employ people from a wide range of different communities. Documents Security Governance Analyst Job Description March26.pdf (83.17 KB)
Apr 02, 2026
Full time
Information Security Analyst - Staffordshire Cyber Analyst to join the Information Security Team. Someone who can take those outputs from projects / tools and drive improvements. Looking for an experienced, proactive Security Analyst to ensure the correct level of security integrity to protect systems, information, personal data and people from cyber-attacks and unauthorised access. Working with other departments to ensure security systems are secure, fit for purpose and protected to an optimal level. You will be responsible for driving the security scrutiny, culture, awareness, and adoption across the business. Security Toolsets and a Technical Mindset, you're not expected or required to be an expert in all areas but expected to have a solid understanding and grounding in security principles to adapt to the varied requirements. Experienced in a wide variety of security software, systems, services and toolsets such as E-mail Security, EDR, NAC, IT/OT Segmentation, 365 etc along with an understanding of malware prevention, emerging threats, attacks and vulnerability management. Understanding of Information Security best practice for elements including workstations, servers, cloud, networking, architecture, common protocols, and application security. Can confidently perform security audits, both internal and external (e.g., third party and supplier assurance) and ensure recommendations are followed for continuous improvement. Strong Incident Response Management skills including threat and vulnerability analysis. Understanding of security frameworks such as NIST, and Cyber Essentials. As the analyst you will work with the security manager and engineer the day-to-day running and monitoring of Information Security systems. Analyse and interpret outputs to identify security weaknesses and recommend continuous improvements and be involved in - Respond to Security Incidents, reports and alerts ensuring prompt containment and recovery.
Plan and oversee regular security penetration testing against new and existing services to identify weaknesses and formulate plans and processes to minimise current and future risk Conduct regular security risk reviews and manage security remediation activity, internally on new IT/Business projects and with third parties This is working for an excellent client who offer progression and development. This is an office-based role in Staffordshire and you will join a small, dedicated security team.
Apr 01, 2026
Full time
GRC Analyst - Third Party Risk Management Fixed Term Contract, 12 months - £45k - £50k Location: Hybrid - Birmingham Your new company: I am looking to recruit a GRC Analyst, focusing on Third Party Risk Management, to join a leader in the hospitality space, with the role focusing on GRC activities, with a strong focus on information security, privacy, and regulatory assurance across the organisation. The role responsibilities: This role focusses on supplier assurance and third-party risk management, ensuring that vendors handling company data or connecting to company systems operate in line with security, privacy, and compliance expectations. Key parts of the role: Conducting and coordinating security and privacy risk assessments for new and existing third-party suppliers. Evaluating supplier controls relating to data protection, information security, data hosting, subcontractor usage, and system access. Cataloguing and maintaining records of data shared with third parties, including purpose of use, information security classification, data sensitivity, and processing location. Ensuring third party data handling arrangements clearly define data retention, archiving, and deletion requirements in line with policies and regulatory obligations. Maintaining third party risk documentation and tracking remediation actions with suppliers and internal teams. Working closely with Vendor Management, Procurement, Legal, Information Security, and IT to ensure supplier risks are identified early and addressed prior to onboarding or renewal. Escalating high risk supplier findings to the IT Licensing & Compliance Manager and relevant stakeholders. You will need: Strong understanding of GDPR, the UK Data Protection Act, and privacy and security control requirements. Experience working in GRC, information security, data protection, supplier assurance, or a related compliance role. Ability to interpret and assess technical and organisational controls. 
Strong analytical skills with excellent attention to detail. Confident written and verbal communication skills, able to engage across legal, technical, and operational teams. Experience contributing to incident or breach investigations. Ability to manage multiple competing priorities and constructively challenge established processes. Minimum 3 years' experience in a relevant role. CIPP/E, CIPM, CompTIA Security+, or BCS Practitioner Certificate in Data Protection, desirable. What you'll get in return: Salary of between £45k-£50k Hybrid working Company discounts A pension contribution matched at 1.5x, up to 5%. Private healthcare, dental plan, cycle to work, and keep-fit schemes. 26 days annual leave plus bank holidays. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Apr 01, 2026
Full time
GRC Analyst - Data Protection & GDPR Compliance Fixed Term Contract, 12 months - £45k - £50k Location: Hybrid - Birmingham Your new company: I am looking to recruit a GRC Analyst, focusing on Data Protection and GDPR, to join a leader in the hospitality space, with the role focusing on GRC activities, with a strong focus on information security, privacy, and regulatory assurance across the organisation. The role responsibilities: This role focusses on data protection assurance and GDPR compliance, ensuring personal data is processed lawfully, and in line with regulatory and organisational requirements. Key parts of the role: Reviewing how personal data is used across systems, business processes, and technology solutions. Identifying opportunities to reduce, anonymise, or eliminate personal data processing where it is not essential to business needs. Support the review, development, and rollout of information security and data protection policies. Contribute to the management of information security, third party, and privacy risk registers. Assist with internal and external audits, including GDPR assurance, PCI DSS, and financial audits. Track remediation of identified security, privacy, and compliance issues to ensure timely closure. Support incident and breach response activities, including investigation, documentation, and follow up actions. You will need: Strong understanding of GDPR, the UK Data Protection Act, and privacy and security control requirements. Experience working in GRC, information security, data protection, supplier assurance, or a related compliance role. Ability to interpret and assess technical and organisational controls. Strong analytical skills with excellent attention to detail. Confident written and verbal communication skills, able to engage across legal, technical, and operational teams. Experience contributing to incident or breach investigations. 
Ability to manage multiple competing priorities and constructively challenge established processes. Minimum 3 years' experience in a relevant role. CIPP/E, CIPM, CompTIA Security+, or BCS Practitioner Certificate in Data Protection, desirable. What you'll get in return: Salary of between £45k-£50k Hybrid working Company discounts A pension contribution matched at 1.5x, up to 5%. Private healthcare, dental plan, cycle to work, and keep-fit schemes. 26 days annual leave plus bank holidays. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Apr 01, 2026
Full time
The Information Security Officer will support the safeguarding of the organisation's information assets by identifying risks, monitoring security controls, and ensuring best-practice governance. The role also contributes to incident response, third-party oversight, and ongoing security improvements. It is a hybrid role. You can choose to work in either one of the offices: Manchester, Cardiff, London. Client Details The client is a rapidly growing finance service provider, with a strong focus on data protection, operational resilience, and continuous improvement in cybersecurity. They offer a supportive environment with investment in modern tools, frameworks, and professional development. Description Conduct and support information security risk assessments, vulnerability reviews, and the maintenance of the risk register. Work closely with SOC team and infrastructure team for remediation plan. Assist with regulatory and audit obligations by preparing documentation and ensuring compliance with legal standards. Maintain and update security policies, standards, and procedures to reflect organisational needs and current threats. Deliver security awareness initiatives and training to promote secure behaviours across the organisation. Perform due-diligence reviews of third-party suppliers and support ongoing monitoring of external security risks. Profile Experience in information security, risk assessment within a regulated or structured environment. Familiarity with security monitoring tools, vulnerability management, and supporting audit activities. Understanding of security frameworks such as ISO 27001, NIST, or Cyber Essentials. Strong communication skills, with the ability to explain technical security matters to non-technical stakeholders. Highly organised, proactive, and capable of managing multiple priorities with attention to detail.
Relevant qualifications (CISM is highly preferred) or certifications (e.g., CISMP, Security+, CISM, CISSP, SC-200, AZ-500). Job Offer Hybrid role: 60% in Manchester, Cardiff or London office; 25 days holiday plus birthday off; Pension Scheme (8% matched); Life Assurance; Private Medical Insurance; Gym Memberships; Retail discounts
Apr 01, 2026
Full time
IT Security Analyst Location: Hybrid - Middlesbrough Salary: 50,000 - 60,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). 
Understanding of secure software supply chains (SBOM, SLSA). What's on Offer: 50,000 - 55,000 base salary; 25 days annual leave + public holidays (increasing with service); Matched pension scheme; Private medical insurance & life assurance; Fitness allowance; Paid study leave & volunteering days; Flexible hybrid working; Excellent career development and training opportunities
Oct 03, 2025
Full time
Security Analyst UK Financial Services Compliance & Technical Security North West England 35k - 45k + Benefits/Progression Zachary Daniels are delighted to be working with a well-established UK business during an exciting period of growth, to recruit a Security Analyst. This is a company investing heavily in technology, compliance, and security. In this role, you'll be part of a collaborative team, working across compliance, risk, and technical security to protect the business, strengthen frameworks, and support transformation projects. It's a varied position offering real scope to grow both your governance and technical skills. Benefits You'll Enjoy: Competitive salary up to (DOE); Generous annual leave entitlement, rising with service; Enhanced maternity, paternity, and parental leave; Life assurance; Regular social events. Role Responsibilities: Identify and assess security risks, ensuring mitigation plans are in place. Support the development and maintenance of security policies and standards. Assist with third-party security reviews and supplier risk management. Provide oversight of vulnerability assessments. Conduct architecture reviews for new systems and services. Evaluate technical controls and recommend improvements. Support the rollout of new security tools and technologies. Provide input into incident management and security metrics reporting. About You: 2+ years' experience in a security role. Strong understanding of risk assessment methodologies. Knowledge of frameworks such as ISO 27001. Experience with vulnerability management and technical controls. Excellent problem-solving skills with strong attention to detail. Confident communicator with the ability to explain security concepts to non-technical stakeholders. This is more than just a security role; it's a chance to join a forward-thinking business, develop your expertise across both compliance and technical domains, and make a real impact in protecting and enabling the organisation.
Apply today with your most up-to-date CV! BBBH34361
Oct 03, 2025
Full time
IT Security Analyst Location: Hybrid - Buckinghamshire Salary: 50,000 - 55,000 + Benefits 83zero are partnered with a market-leading software company who are on a mission to transform the construction and related industries through their end-to-end digital solutions. With teams across the UK, Europe, USA and India, they are delivering large-scale transformation projects on a global scale and are continuing to expand. We are now looking for a highly organised and detail-driven IT Security Analyst to join their growing security function. This role plays a key part in securing customer trust and supplier integrity, ensuring compliance with recognised frameworks, and supporting wider security initiatives. The Role Own and manage responses to customer security questionnaires (SIG, CAIQ, bespoke). Work cross-functionally with Legal, Compliance, Procurement, Product and Security teams. Maintain the security assurance matrix in line with ISO 27001, Cyber Essentials, and SOC 2. Act as the key point of contact for security assurance queries. Conduct vendor risk assessments against ISO 27001, NIST, and CIS Controls. Manage the third-party due diligence programme, including onboarding and periodic reviews. Track and publish key security metrics such as risk severity, SLA adherence, and turnaround times. Provide audit artefacts and support internal/external audits. Contribute to broader security initiatives and continuous improvement within the organisation. About You 3+ years' experience in Information Security, GRC, or Vendor Risk Management. Strong experience issuing or responding to security questionnaires. Knowledge of ISO 27001 Annex A, SOC 2, and GDPR/CCPA. Excellent communication skills, able to translate technical risk to non-technical stakeholders. Eligible to work in the UK and able to pass background checks. Desirable: Certifications such as CRISC, CISSP, CISA, or ISO 27001 Lead Auditor. Familiarity with SaaS/cloud platforms (AWS, Azure, GCP). 
Understanding of secure software supply chains (SBOM, SLSA). What's on Offer: 50,000 - 55,000 base salary; 25 days annual leave + public holidays (increasing with service); Matched pension scheme; Private medical insurance & life assurance; Fitness allowance; Paid study leave & volunteering days; Flexible hybrid working; Excellent career development and training opportunities
Oct 03, 2025
Full time
Your new role Acting as the D365 SME you will lead the design, development, customisation, and implementation of Microsoft Dynamics 365 solutions (primarily CRM but likely to include other modules in the future). Mentor, guide, and support two D365 developers, helping them grow their technical and professional skills. You will be in the office in central Birmingham 2-3 days a week.
Responsibilities will include: Lead on the full development lifecycle and responsible for the team's design, coding, testing and documentation of large, complex or mission-critical applications in a cloud-first environment using Dynamics and Power Apps in MS Azure. Day-to-day line management activities such as 1-2-1s and development of IDPs. Configuration and customisation of Dataverse / Dynamics entities and forms. Development of PowerApps integrations with other Azure components such as Logic Apps, Azure Service Bus and Azure Functions. Supporting upgrades and maintenance of the PowerApps platform. Identify and manage problems, incidents, risks and issues. Build automated tests to support our continuous deployment environments. Understanding yourself to be a leader (and the impact of your behaviour on others in a project team focused on results). Work alongside the IT Enterprise Development Manager to support staff, provide guidance and facilitate issue resolution on a day-to-day basis. Collaborate with Product Owners, Business Analysts, and stakeholders to understand business requirements and translate them into technical solutions. Plan and prioritise team workload to ensure timely delivery of development work across multiple projects or features. Drive Agile or DevOps practices within the team. Chair daily stand-ups, regular demos, retrospectives etc. Ensure seamless integration of D365 with other enterprise systems and third-party applications. Oversee maintenance and enhancement of existing customisations and plug-ins. Produce and maintain technical documentation, solution designs, and deployment guides. Ensure compliance with data security, governance, and quality assurance standards.
What you'll need to succeed Proven experience as a Dynamics 365 Developer. Strong knowledge of Microsoft Dynamics 365 modules such as CRM. Proficient in C#, .NET, Power Platform (Power Apps, Power Automate), and JavaScript. Experience with Azure DevOps, Git, or similar CI/CD tools. Demonstrated ability to lead or mentor other developers in a team environment. Solid understanding of software development lifecycle (SDLC) and Agile methodologies. Strong problem-solving skills and ability to communicate clearly with both technical and non-technical stakeholders.
What you'll get in return Competitive salary. 27 days' holiday plus bank holidays. Flexi time. Excellent pension contributions. Buy/Sell annual leave. Staff discounts, including discounted gym membership.
What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk
Oct 02, 2025
Full time
Regulatory Analyst - DORA Hybrid Our client, a leading financial services organisation, is seeking a Regulatory Analyst with strong expertise in Digital Operational Resilience (DORA) and European cyber regulations. As a subject matter expert, you will drive DORA implementation, collaborate with operational resilience teams, and influence policies, controls, and risk frameworks to safeguard critical business services. Key Responsibilities Regulatory Assurance (DORA): Lead gap analyses and implement solutions to ensure full DORA compliance. Embed DORA's six pillars: ICT Risk Management, Incident Reporting, Resilience Testing, Information Sharing, Third Party Risk, and Governance. Collaborate with operational resilience and business continuity teams. Design and execute testing initiatives to measure cyber and digital resilience. Assess third-party resilience as part of TPRM efforts. Partner with IT and Risk stakeholders on cross-functional initiatives. Act as a subject matter expert and champion of digital resilience. Policies & Standards: Develop and evolve policies to align with both local and enterprise-wide regulatory requirements. Contribute to the information security policy framework. Governance & Controls: Support ongoing control maintenance and internal audits. Work with stakeholders to assess risk and strengthen mitigation strategies. Build deep expertise around regulated business services. What You Bring Expertise & Education: Degree in IT, Information Security, Risk Management or a related field. Strong knowledge of DORA, NIS2, and UK/EU cyber regulations. Familiarity with frameworks: ISO27001, NIST, COBIT, CAF. Recognised certifications such as CISSP, CISM, CISA, CRISC, CTPRP. Experience with European financial regulations (BaFin, AMF, etc.). Proven background in information security, audit, or risk management. Skills & Traits: Financial services experience with strong awareness of cybersecurity trends. Proactive problem solver with excellent analytical skills. Collaborative with strong stakeholder management abilities.
Sep 23, 2025
Full time
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. 
You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. 
If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career: your expertise could make all the difference. Click apply to view the full job description on our careers page with a closing date of 28/09/2025
Sep 23, 2025
Full time
Are you ready to make a meaningful impact in the world of cyber security? At UK Power Networks, we're seeking a dedicated Senior Cyber Security Risk Specialist to join our Information Systems directorate in either our London or Crawley office. With a competitive salary of up to 75,000.00 plus a 7.5% bonus. Step into a pivotal role where your skills and insights will help shape the security posture of a leading energy distribution company. You'll report directly to the Cyber Security Governance, Risk & Compliance Manager and play a vital part in safeguarding essential business operations from evolving cyber threats. The role is dynamic and collaborative, involving close teamwork with a group of 8-10 GRC professionals and expert partners. You'll mentor less experienced analysts, offer guidance and training, and occasionally deputise for the GRC Manager, representing UK Power Networks at industry forums and regulatory working groups. Communication is at the heart of this position; you'll interact regularly with senior management across IT, IS, and the broader business, as well as with auditors and third-party partners, translating technical risks into actionable recommendations. Your main accountabilities will revolve around conducting cyber security risk assessments using the UK Power Networks framework, identifying, tracking, and remediating control environment risks, and ensuring third-party risks are also addressed. You'll produce management information and regulatory submissions, maintain compliance with major standards like ISO 27001/27002, and provide assurance for policy compliance. Establishing robust GRC policies and procedures, developing the IT controls framework, and supporting business continuity and disaster recovery planning will all fall under your remit. 
You'll operate and improve our information security management system, ensure ongoing compliance with legal and regulatory requirements such as Cyber Essentials, NIS Regulations, and the Smart Energy Code, and support technical implementation of GRC tools. Imagine being part of a team that is integral to delivering seamless technology solutions and continuous improvement throughout the organisation. The Information Systems Department underpins our commitment to operational excellence, customer service, and cyber resilience. In this role, you'll assess IT and cyber risks, drive improvements in our cyber maturity, collaborate with a variety of internal and external partners, and enable UK Power Networks to maintain its license to operate by demonstrating a strong and sustainable security posture. We're looking for someone with practical experience in GRC, audit, or cyber security, and with relevant training in cyber risk assessment. You should have a deep knowledge of at least three specialist areas such as industry standards, operational controls, risk management, business continuity, or supply chain security. Professional certifications like CISSP, CompTIA, CISA, CISM, CRISC, or an academic background in information security will be highly valued, along with hands-on experience in compliance frameworks, IT/OT risk assessments, and audit engagements. Familiarity with regulated environments, especially within the energy sector, will be advantageous. Beyond a competitive salary and bonus, we offer 25 days of annual leave plus bank holidays, reservist leave, a generous pension plan, tenancy loan deposit and season ticket schemes, tax-efficient benefits, health support, retail discounts, and an employee assistance programme. We are committed to supporting your health, safety, and wellbeing, and are proud to be an equal opportunity employer who values diversity and inclusion at every level. 
If you are motivated to support a critical infrastructure business, thrive in a collaborative environment, and are passionate about advancing cyber security, we invite you to apply and become a key player in the future of UK Power Networks. Take the next step towards an exciting and rewarding career: your expertise could make all the difference. Click apply to view the full job description on our careers page, with a closing date of 28/09/2025.
AMS is a global workforce solutions partner committed to creating inclusive, dynamic, and future-ready workplaces. We help organisations adapt, grow, and thrive in an ever-evolving world by building, shaping, and optimising diverse talent strategies. On behalf of Tesco IMS, AMS are now looking for a Supplier Risk Analyst for a 6-month contract; this role offers a fully remote working model. Tesco IMS deal in the personal - from pet insurance for your best friend, and home insurance for peace of mind, to motor insurance for your dream car or travel money for that trip you've worked hard for. And that means they always work with heart. Whether they're helping their customers or looking after their people, you'll find there's a warmth and friendliness to everything they do. Key responsibilities: To support the Supplier Risk and Assurance Manager in developing and delivering assurance activities with third-party suppliers. Recommend changes to systems, technology and processes across third parties to support continuous improvement of our control framework and assurance activity. Lead supplier onboarding and due diligence processes, ensuring alignment with SS2/21 and internal risk frameworks. Utilize Hellios FSQS to assess supplier compliance across financial, ESG, and information security domains. Conduct materiality assessments and maintain a register of outsourcing relationships. Collaborate with Procurement, Legal, and Information Security teams to evaluate and mitigate third-party risks. Develop and test stressed exit plans for critical suppliers to support operational resilience. Monitor supplier performance and risk indicators, producing actionable insights and reports for senior stakeholders. Skills and Qualifications: Proven experience in supplier risk, third-party risk management, or compliance. Strong understanding of SS2/21, GDPR, ISO 27001, and operational resilience principles. Familiarity with Hellios FSQS or similar supplier assurance platforms.
Excellent analytical, communication, and stakeholder engagement skills. Ability to work independently and manage multiple priorities in a fast-paced environment. Experience in supplier onboarding, due diligence, and administrative support. Why Tesco Insurance and Money Services? Seeing your impact all around you: there's no better feeling. Lucky for us, we get to feel it all the time. Because whatever our role, we're helping our colleagues and serving our customers, communities and planet a little better every day. We deal in the personal - from pet insurance for your best friend, and home insurance for peace of mind, to motor insurance for your dream car or travel money for that trip you've worked hard for. Everything we do is about making things better. Not just for others, but for you too. It's why you'll get bags of choice and plenty of development. It's why you'll always be heard and find balance that works for you. It's why you'll feel totally at home in a place where everyone's welcome. Next steps If you are interested in applying for this position and meet the criteria outlined above, please click the link to apply and we will contact you with an update in due course. Our client will only accept workers operating via an Umbrella or PAYE engagement model. Please note that for the duration of this assignment you will be working as an external resource engaged by AMS.
Sep 22, 2025
Contractor