This website uses cookies to ensure you get the best experience.

South West Water and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor
Skip to main content
South West Water career site
South West Water · Digital and Technology · Exeter (Peninsula House)

GRC Analyst

RS4252_SWW_Stack 2lines_colour.png

Powered by Water, Driven by Purpose

South West Water keeps the South West flowing with safe, reliable drinking water and wastewater services across some of the UK’s most stunning landscapes.

We’re proud to be part of Pennon Group, a leader in the UK water sector, working towards a greener future. Our goals? As well as lowering our carbon footprint, we’re working with partners to plant 300,000 trees, restore peatlands and supporting farmers and landowners to improve water quality and wildlife.

Whether you’re starting out or seeking a new challenge, our scale and ambition create opportunities for you to shape your own career.

Ready to make a splash? Join our team today.

Are you passionate about Cyber Security Governance, Risk Management and Compliance?  We are seeking a proactive and knowledgeable Cyber Security GRC Analyst (up to £36,000 doe)to support and strengthen our organisation’s security posture. In this role, you will help ensure ongoing compliance with key security standards, manage governance frameworks, and contribute to the resilience of our cyber environment.

About the Role

As a Cyber Security GRC Analyst, you will play a central role in driving our governance, risk, and compliance activities. Reporting to the Cyber Security Compliance Manager, you will support internal reviews, risk assessments, policy development, and ongoing compliance with frameworks such as ISO 27001 and NIS Regulations. You’ll collaborate across the business to ensure risks are effectively managed, controls are embedded, and our security standards remain robust and continually improved.

Key Responsibilities:

  • Plan, conduct, and document internal ISO 27001 audits across all areas of the Information Security Management System (ISMS), ensuring all controls and processes are regularly reviewed for effectiveness and compliance

  • Evaluate the effectiveness of information security policies, procedures, and controls, and identify areas for improvement or non-compliance.

  • Develop and maintain an annual audit schedule to ensure comprehensive coverage of ISO 27001 requirements and continual improvement of the ISMS.

  • Conduct and document internal audits and assessments aligned to ISO 27001 and NIS Regulations

  • Contribute to the development and maintenance of cyber security policies, standards, and procedures

  • Assist in maintaining the IT Security risk register, including identifying, assessing, and monitoring Work closely with business stakeholders to gather evidence, close audit findings, and track corrective actions

  • Support security assurance activities, including penetration tests, vulnerability scans, and third party reviews

  • Promote strong cyber security awareness and contribute to a positive security culture

  • Ensure third party suppliers meet contractual and regulatory security requirements

  • Maintain compliance with relevant legislation and industry standards

  • Monitor adherence and enforce policies to safeguard organisational data.

  • Ensures that data protection practices meet legal, regulatory, and standards requirements.

Why Governance, Risk & Compliance Matters

Effective GRC practices are essential for safeguarding sensitive information, maintaining customer trust, and protecting the organisation from regulatory, operational, and reputational risks. Regular internal ISO 27001 audits not only ensure ongoing certification but also drive continual improvement and resilience in our information security practices.

What We’re Looking For

  • Full UK driving licence

  • Strong understanding of cyber security principles, risks, and regulatory requirements

  • Familiarity with ISO 27001 or NIS or other cyber security standards and frameworks

  • Experience in conducting audits or assessments

  • Thrives in environments where clear governance, process adherence, and continual improvement are valued.

  • Values the opportunity to help teams prepare for external audits or certifications

  • Excellent communication and relationship building skills

  • Excellent attention to detail

  • A collaborative, self-motivated approach with strong organisational abilities

  • Eligible for UK Government Security Clearance (SC)

Why You'll Love Working With Us:

  • We know that the support and commitment of our staff is key to our success so you will receive the opportunity for ongoing development and training for a long-term career with us. In return, we offer an excellent range of benefits including:

  • Annual salary of up to £36,000 depending upon experience

  • Generous holiday allowance plus bank holidays

  • A discretionary Bonus

  • Competitive Contributory Pension

  • Share-save Scheme

  • Various health benefits

  • Wellbeing support programmes

  • A range of Group Discounts

  • Cycle to Work Scheme

  • Financial support services

  • And plenty more!

Closing Date:16th February

Please note that the successful candidate will be subject to a mandatory DBS check as part of the onboarding process.

Be yourself, we like it that way. Together, we will build a culture of belonging, where inclusion is instinctive. Diversity is our strength and a reflection of our communities. We care, we value everyone, we celebrate uniqueness.

Our core values which are essential to our success are:

Be Rock Solid - Build trust and be trusted. Be the one we all look to and can depend on.

Be You - We want you to bring your best everyday. Be yourself and make your mark in your individual way.

Be the Future - Embrace change. Drive Progress. Own the challenge.

Values

Division
South West Water
Department
Digital and Technology
Locations
Exeter (Peninsula House)
Yearly salary
£32,000 - £39,000

About South West Water

We look after the water and wastewater services for 1.8 million customers across Cornwall, Devon, the Isles of Scilly and parts of Dorset and Somerset.

From treatment and maintenance, to innovation and improvements, we're busy every day finding and fixing leaks, unblocking sewers and going bigger and further in our environmental work to be a company you can be proud of.

South West Water · Digital and Technology · Exeter (Peninsula House)

GRC Analyst

Loading application form

Applicant tracking system by Teamtailor