Book demo

Full-time, to start ASAP.
Based in London with scope for WFH a few days per week.
Open for applications.

Information Security Risk and Compliance Analyst

About the role

We are seeking an enthusiastic and capable Information Security Risk and Compliance Analyst to support the provision of effective Information Security through the development and implementation of appropriate policies, procedures, and controls, together with a superstar team led by an inspiring Engineering Lead.

This is an important role critical to ensuring secure access to data and services for staff, partners, clients, and other stakeholders.

The impact you’ll own

  • Collaborate to define information security standards and develop supporting organisational policies.
  • Leading the development of the overall Information Security Management System at Climate X, from induction training of new staff to conducting quarterly audits and chairing both the Annual Management Review Meeting and multi-year ISMS Committee Meetings, comprising the heads of each department.
  • Support vendor/supplier due diligence process and help to lead and define overall third-party risk management efforts.
  • Support the maintenance of existing ISO 27001 and UK Cyber Essentials certifications as required.
  • Support internal and external audit processes for relevant compliance concerns, including SOC 2, ISO27001, and GDPR, as well as others as they arise.
  • Perform business impact analysis and assist with the development of the Information Security Risk Registers.
  • Guide business and risk owners in developing appropriate risk treatment plans to reduce the organisation's risk.
  • Stay current and well-informed on developing regulatory concerns and changing IT and information security trends.
  • Support audit and compliance activities on new development projects.

What you bring

  • A current cybersecurity or technology certification such as CISSP, CISM, CCSP, CCP SIRA, CISA, CRISC, SEC+.
  • 3+ years of combined relevant experience in Information Technology or Cybersecurity.
  • 2+ years of experience working directly in an Information Security Governance, Risk and Compliance role, ideally within the UK and European context.
  • Experience with commonly accepted industry standards and best practices relating to information security compliance, such as ISO 27000 series or NIST 800 series.
  • Experience with information security management, information systems auditing and compliance are essential.

What makes you stand out

  • Bachelor's degree in computer science/technology, cybersecurity, information management or other IT-related field.
  • Experience with information security governance, risk, and compliance management in a global context.
  • Demonstrated ability to assess business risk, classify potential threats, and enhance security controls for remediation & countermeasures.
  • Familiarity with ISMS and security frameworks.
  • Good working knowledge of cloud security.
  • Experience with information security testing methodology.
  • Hands-on, can-do attitude, great interpersonal skills, and ability to collaborate effectively. This includes the ability to plan projects, meet objectives, develop contingencies, and produce schedules.
  • Strong written, verbal, and interpersonal skills – and the ability to explain complex concepts to a non-technical audience.

What you get

£45k - £55k

Your compensation is determined based on the value you create. We'll also reward you with employee shares based on merit & performance. We are a genuine meritocracy, free from outdated HR practices.

Employee Stock Ownership Plan (ESOP)

Designed to encourage long-term thinking and behaviours. Being an employee-owned firm will be key to our success.

25 holiday days (+ Bank holidays)

Flexible working arrangement - work the hours you want to balance your own workload with life’s priorities. We're also partnered with Oliva.Health for uncapped mental healthcare support

Your growth is key

In addition to pioneering climate change analytics, you’ll be exposed to the inner workings of an exciting start-up, and continuous development with £1.5k to spend on your personal training. You'll benefit from a dedicated budget for tech team to attend and represent Climate X at conferences and events.

Pensions & Perks

We offer a flexible benefits package aligned to modern ways of working that includes a benefits allowance, a green pension, corporate discounts and shared parental leave arrangements.

Society Impacts

You’ll be making a positive impact to the world. We’ll also have two days per year allocated for volunteering time to support a charity or community group and make an impact closer to home.

Climate X is a purpose-driven climate adaptation data company set to revolutionise how the world manages assets, property, and infrastructure.

We’ve embarked on an exciting project to give our customers meaningful insights into how our changing climate will impact their property. From individuals with one property to businesses with millions of assets, our platform displays risks from potentially damaging severe weather events across multiple climate change scenarios and calculates the cost of that damage to the asset valuation.

Climate X will help customers save millions of pounds, be more resilient to climate change, meet incoming regulatory requirements and make smarter investment decisions.

We work with the UK’s leading climate scientists, AI specialists and financial services professionals.

We advocate diversity with our founders, team, and investors from various backgrounds. We’re not building just a team but a place of innovation where problem-solving and fun coexist to address the most significant challenge our society is facing now.

Applying for this role – if in doubt, do it!

We've tried to make the hiring process as easy and transparent as possible. That's because we want to respect your time and help you succeed if you apply.

If you don't tick every box in the job description or think there are different ways to shine that our job ad doesn't quite capture, it's okay! We encourage you to apply anyway instead of not applying at all!

If there are any adjustments, we can make to help make the process easier for you, for example, if you have a disability or a different way of working that we should be aware of – please let us know, and we'll do our best to help.

If you want to build something that matters to the world and are ready to join our team on this journey, apply now!

Sign up to our newsletter

Get regular updates tailored to you.

Climate X