Governance, Risk & Compliance Analyst

TalkTalk, Salford, England, United Kingdom

Working cross‑functionally you will establish and maintain the security governance framework, ensuring all key stakeholders across the Executive Leadership Team have visibility of the business security posture and security roadmap. You will leverage key partner and supplier relationships to define performance measures required by the business across all security services, covering areas such as security risk management, operations, and penetration testing.

With responsibility for the implementation of the cyber security roadmap, you will ensure security services are cost‑optimised and offer value to the business. You will support the business to maintain compliance with relevant legislative requirements, such as Telecommunications Security Act and Investigatory Powers Act, along with broader compliance programmes such as ISO27001.

• Lead the design, implementation, and governance of IT and cyber security policy frameworks.
• Develop and manage an enterprise policy governance structure that aligns with industry best practices and internal strategy.
• Ensure cyber policies remain current, effective, and aligned with evolving technologies, threats, and compliance requirements.
• Promote cyber awareness initiatives across the organisation to embed a strong security culture.
• Monitor and report on policy adherence, risks, and mitigation plans to senior stakeholders.
• Collaborate with key internal and external stakeholders to ensure a consistent and integrated approach to cyber policy and governance.
• Identify opportunities for policy automation and toolset enhancements.

• 5+ years of experience in cyber governance, cyber assurance, policy development, or IT compliance.
• Strong knowledge of cyber security frameworks such as TSA, NIST, PCI‑DSS, CE+, and ISO 27001.
• Hands‑on experience with cloud platforms, preferably Azure.
• Relevant certifications such as CISSP, CISM, or CRISC are preferred but not essential.
• Excellent stakeholder management, reporting, and communication skills.

As a recognised Top 50 Inclusive Employer in the UK, we believe that diversity fuels innovation and success. We’re committed to building a workplace that reflects the communities and customers we serve.

• Flexible hybrid working – with a minimum of 50% office presence to support teamwork and connection.
• Collaborative office spaces designed for creative thinking and innovation.
• Free on‑site parking at our offices.
• Generous holiday package – 25 days annual leave, 3 wellbeing days, and your birthday off (plus the option to buy up to 10 more days!).
• Private healthcare for all employees.
• Competitive pension scheme and performance‑related bonus opportunities.
• Free broadband for all employees.
• Life event gifts – celebrating milestones like marriages and births.
• Inclusive employee networks – open to all, supporting peer connection and thought‑provoking conversations.
• Salary sacrifice scheme – save on dental, gym, and more.
• Big retail and leisure discounts.
• 3 paid volunteering days a year – because making a difference matters to us too.

Mid‑Senior level

Full‑time

Legal

Telecommunications