Current vacancies

Current Vacancies


Role title

Security & Compliance Analyst




Service and Operations


Canary Wharf, London

Salary range


Team Size


Reporting Line

Security & Compliance Manager




Main Purpose of the Role

The role is responsible for defining, implementing and communicating Information Security Compliance Requirements across all countries within which Truphone have a presence.


Key Responsibilities

  • Development and maintenance of global policies and standards which support Truphone’s development and operational activities, including the assurance and governance of policies and standards in support of ISO27001.
  • Ensuring that all policies and procedures are well documented and implemented, performing periodic internal reviews and identifying compliance problems that call for formal attention.
  • Development of risk management strategies to detect non-compliance with security policies, and track and manage exceptions to security policy.
  • Continual improvement of the Information Security Management System to assure compliance with ISO27001 certification.
  • Provision of  support to  Corporate Sales when bidding for new accounts and help to manage the relationships with suppliers/ partners to ensure levels of Security & Continuity capabilities are commensurate.
  • Pro-active identification of weak security controls by way of conducting security reviews, and provision of recommendations for improvement to the relevant teams.
  • Maintenance and improvement of the security awareness campaign across Truphone.
  • Support for security incident response activities.
  • Support for the formalisation of regular vulnerability assessments and risk-driven patch management.
  • Support for security initiatives in line with the security roadmap.


Skills and Experience Required

  • Around 2 or 3 years’ experience writing information security policies and technical documents.
  • Solid knowledge of ISO27001.
  • Experience of compliance with the Data Protection Act (DPA).
  • A good all-round knowledge of IT systems, platforms, networking and security technologies.
  • Experience of working in a customer facing environment to ensure customer security requirments are met.
  • Excellent communication, reporting and interpersonal skills.
  • Ability to work proactively with business stakeholders to implement corrective actions to security gaps.
  • Any understanding of what GDPR will require would be useful.
  • Information security management qualifications such as CISSP or CISM – preferred, not essential.



NO agencies please. We work very closely with only agreed suppliers and will not accept any CVs from any 3rd parties.


> Click here to apply for this job