Cyber Governance Analyst

Cyber Governance Analyst
Location: Ideally based in York or Leeds
Working Pattern: Full time, monday to Friday, working Hybrid - with travel to office locations as required (primarily to engage with subsidiary teams)
Salary: £45,000 - £65,000 (dependent on experience) + car allowance

Overview
An exciting opportunity has arisen for an experienced Cyber Governance Analyst to join a forward-thinking and collaborative business. Reporting directly to the Group Information Security Officer (GISO), the successful candidate will act as a first line of defence-ensuring that robust security controls are maintained in line with company policies and standards.
This role will also serve as a key liaison across subsidiary cyber services, supporting proactive risk management, driving good governance practices, and overseeing audit readiness. Key Responsibilities

• Collaborate with IT, legal, and policy teams to develop, manage, and ensure compliance with industry regulations and internal policies
• Implement and support information security and privacy standards/frameworks (e.g. ISO 27001, NIST, CIS)
• Work directly with engineering teams and architects to review system and data architectures in line with best practices
• Analyse and communicate the impact of vulnerabilities, controls, and mitigations on existing and future systems
• Conduct thorough risk assessments and effectively translate security and risk implications for technical and non-technical audiences
• Manage stakeholder expectations across projects with a pragmatic, agile, and solution-oriented approach

Key Skills & Experience

• In-depth knowledge of cybersecurity frameworks such as NIST, ISO 27001, and CIS
• Proven experience in a similar governance-focused role involving internal controls, risk management, and audit readiness
• Strong ability to bridge the gap between technical teams and business stakeholders
• Experience working within complex or multi-subsidiary organisational environments is a plus

Why This Role?
This is a fantastic opportunity for a Cyber Governance Analyst seeking to influence and enhance cyber resilience across a diverse portfolio of businesses. You'll work alongside talented professionals, shape a secure and scalable environment, and play a vital role in embedding best-practice governance and risk management processes.