IT Compliance Analyst

IT Compliance Analyst Salary: £35,000 to £40,000 Location: Birmingham Keywords: Information Security, Audit, Compliance, Risk Assessment, Governance Frameworks, Stakeholder Collaboration, Third-Party Risk Management, Operational Efficiency, Documentation, Industry Standards An exciting opportunity has arisen for an IT Compliance Analyst to join a forward-thinking organisation in Birmingham, where your expertise will play a pivotal role in shaping and safeguarding the company’s information security landscape. This newly created position offers you the chance to be at the forefront of developing robust compliance measures, working closely with both internal and external audit teams, as well as a diverse range of stakeholders across the business. You will be instrumental in ensuring that all information security controls are not only effective but also fully compliant with industry standards. The role provides a unique platform to collaborate with procurement, business units, and third-party vendors, ensuring comprehensive risk management and continuous improvement of security practices. With a strong emphasis on teamwork, communication, and operational delivery, this is your opportunity to make a meaningful impact within a supportive environment that values knowledge sharing and professional growth.

• Be part of a newly established function dedicated to enhancing information security measures and evidencing compliance for both the business and its customers, offering you the chance to shape processes from the ground up.
• Work collaboratively with cross-functional teams including procurement, business units, and third-party vendors to identify, assess, and manage risks while supporting customer audits and responding to complex queries.
• Enjoy a consultative and inclusive workplace culture that encourages open communication, stakeholder engagement, and ongoing professional development within the field of information security.

What you'll do:
As an IT Compliance Analyst based in Birmingham, you will immerse yourself in a variety of engaging activities designed to strengthen the organisation’s information security posture. Your day-to-day responsibilities will see you reviewing critical documentation related to IT controls while evaluating their effectiveness through rigorous testing. You will develop audit methodologies that set new benchmarks for quality assurance within the business. By designing audit programmes tailored to industry standards such as CIS or ISO27001, you will ensure ongoing compliance across all areas. Taking ownership of both internal and external audits means you’ll be at the heart of maintaining regulatory alignment while also assessing third-party suppliers for potential risks. Your collaborative approach will see you working hand-in-hand with procurement teams as well as other business units to uphold cyber security standards throughout the supply chain. Additionally, you’ll play a key role in responding to customer due diligence requests by gathering input from various departments. Through these varied tasks, your contribution will be vital in driving continuous improvement initiatives that protect both company assets and client interests.

• Review existing documentation of IT controls, business processes, policies, procedures, and management reports to ensure their effectiveness and sustainability across the organisation.
• Evaluate, document, and test both manual and automated controls throughout the IT environment to maintain high standards of operational efficiency.
• Develop and implement comprehensive audit testing methodologies tailored to evolving industry requirements.
• Design detailed audit programmes that facilitate ongoing evaluation and validation of IT control effectiveness in line with best practice frameworks.
• Lead and conduct internal and external Information Security audits according to recognised industry standards such as CIS, SOX, and ISO27001.
• Assess suppliers’ capabilities against applicable requirements by conducting thorough evaluations aligned with organisational policies, standards, and procedures.
• Conduct Information Security risk assessments for suppliers and vendors to ensure all third-party risks are identified, assessed, and managed effectively.
• Collaborate with internal stakeholders to ensure that all controls adhere strictly to defined policies, processes, and procedures.
• Work closely with procurement teams and business units to guarantee supplier compliance with cyber security policies and standards.
• Lead the completion of customer RFPs and RFIs by coordinating responses across multiple functions including Sales, Product Development, Information Security, and Information Systems.

What you bring:
To excel as an IT Compliance Analyst in this setting, your background should reflect hands-on experience within audit functions where information security was paramount. Your familiarity with leading governance frameworks like NIST or ISO27001 will enable you to navigate complex regulatory landscapes confidently. You bring not only technical acumen but also outstanding interpersonal abilities—your talent for building relationships ensures smooth collaboration between internal teams and external partners alike. Your attention to detail shines through when documenting findings or preparing reports; meanwhile your organisational skills help you juggle multiple priorities without compromising quality. A consultative mindset allows you to support colleagues while maintaining independence in your assessments.

• Proven experience working within an audit function focused on information security or IT compliance is essential for success in this role.
• Comprehensive knowledge of major Information Security frameworks such as NIST, CIS, SOX, Cyber Essentials, ISO27001, PCI-DSS or SOC is required.
• Demonstrated ability to contribute positively towards fostering an effective Information Security culture that supports audit objectives across diverse teams.
• Strong relationship-building skills enabling you to establish productive connections with stakeholders from functional teams as well as external auditors on relevant standards.
• A solid understanding of Information Security controls coupled with practical experience applying them within complex environments is highly desirable.
• Ability to accurately identify Information Security risks during audits while managing findings in accordance with organisational risk appetite guidelines.
• Exceptional written and verbal communication skills allowing you to produce clear audit documentation and present findings confidently at all levels.
• Commitment to excellence reflected through high organisational skills; adept at managing time efficiently while balancing priorities under pressure.
• Capacity for autonomous work combined with a proactive approach towards driving improvements in processes or control environments.

What's next:
If you are ready to take on a rewarding challenge where your skills can truly make an impact within information security compliance—this is your moment!

Apply today by clicking on the link provided—your next career step awaits!

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates