Information Security Analyst (GRC)

  • Job Reference: 19587
  • Date Posted: 8 October 2021
  • Employer: EDF Energy
  • Website:
  • Location: Gloucester (GL4 3RS), United Kingdom
  • Salary: On Application
  • Sector: Mining / Oil / Gas
  • Job Type: Full Time
  • Duration: Permanent

Job Description

A career that will deliver change. Together, we'll help Britain achieve net zero.

Working hours: Full time 
Location: Remote working with some travel to the Gloucester office 
Salary: Competitive + excellent benefits 
Closing date: Monday 4th October 

The Opportunity

At EDF UK we pride ourselves on delivering quality service to all our customers. As the UK's largest generator of low carbon electricity, it's vital our Information Security infrastructure is of the highest standards. 


We are looking for a meticulous InfoSec Analyst to join our Enterprise Information Security Governance, Risk & Compliance Team. You will be responsible for Enterprise-level Information Security governance and assurance across EDF (UK), taking responsibility for directing, developing and maintaining our internal cyber security policies and supporting driving our Information Security Management System. 


This is a great opportunity for somebody who has worked in a highly regulated environment and is well versed within information security frameworks and requirements, e.g.ISO27001. You will be comfortable providing guidance on laws, regulations, policies, standards or procedures across the business.


Our teams are set up to work flexibly, therefore you don't have to live in Gloucester. If you're able to travel to the office when required, you can be based anywhere in the UK.


We provide a full suite of IT equipment to ensure that our employees can work from home comfortably and effectively. The Enterprise Product Manager (GRC) says - "The blended approach to working and reduced time commuting, has allowed my team better control of their work commitments. This has allowed further flexibility for taking time to attend family events, school runs, etc. while maintaining the productivity of the team.

The Role


We are looking for a professional with an excellent awareness of the technology and best practice pertinent to their domain, we also ask that you be passionate about encouraging and maintaining that awareness across EDF (UK). 


Excellent communication is paramount in this role, we need you to be comfortable collaborating and building relationships with both IT and business facing colleagues. This is a great opportunity to regularly engage with policy writers in the wider EDF group, understanding expectations and applying them to EDF (UK). 


If you have experience working with IT security operations, compliance, risk and governance practices and AGILE methodology, we'd love to speak to you.

It would be a huge advantage if you have skills or are qualified in CISSP or equivalent, AWS/Microsoft Azure, ISO27000, PCI-DSS and have previously evaluated and maintained security compliance in large complex business environments. Experience around provision of annual IT health check would be great. 

There is a full job description waiting for you should you request it. For this position, we will need someone who can obtain and maintain SC clearance. 

Competitive Salary & Benefits


At EDF we're dedicated to offering flexible benefits that support our people across all aspects of their lives. We're delighted to offer a range of benefits to support our employees' physical, emotional and financial wellbeing. 


In addition to a competitive starting salary, we offer a market-leading company pension scheme, paid holidays and a range of flexible benefits, such as: a company incentive bonus plan, health cover, cycle to work scheme, gym membership, discounts and employee pricing.

Please let us know if you'd like to discuss flexible working arrangements by highlighting this on your application.