Security Governance Analyst

Job Title: Security Governance Analyst

Salary: £29,700 - £38,500

Location: Cambridge / Hybrid with 2 days a week in office

Contract: Permanent

Hours: Full time 35 hours per week

Joining us as a Security Governance Analyst offers the opportunity to contribute directly to strengthening our security governance, ensuring our organisation continues to deliver responsibly, securely, and effectively .

We are Cambridge University Press & Assessment, a world-leading academic publisher and assessment organisation and a proud part of the University of Cambridge.

About the role

This role supports the development and oversight of security governance practices across the organisation. You will maintain security documentation, support internal and external audits, contribute to supplier assurance processes, and provide essential security governance support to the wider Group Security team. Your work will help ensure compliance, strengthen our ISMS, and uphold high security standards.

Additional responsibilities include:

• Supporting the development and documentation of security policies and guidelines.
• Assisting with ISO 27001 and Cyber Essentials audit preparation and evidence collation.
• Maintaining supplier assurance tools and conducting supplier security assessments
• Monitoring compliance and contributing to relevant governance reporting.
• Supporting risk management processes, including maintaining risk registers
• Providing administrative support to the Group Security team, including processing POs and maintaining the Security Connect page.

This position has been classified as a hybrid role, requiring the selected candidate to typically spend 40-60% of their time collaborating and connecting face-to-face at their dedicated location. Aside from our hybrid principles, other flexible working requests will be considered from the first day of employment, including other work arrangements should you require adjustments due to a disability or long-term health condition.

About You

You will bring:

• A minimum of 2 years' experience or demonstrated capability in information security governance, risk, or compliance.
• Working knowledge of ISMS frameworks such as ISO 27001 and Cyber Essentials.
• Familiarity with supply chain and third-party security management.
• Knowledge of security threats and mitigation strategies.
• Strong organisational, communication, and stakeholder engagement skills.

If you meet the above minimum requirements, we encourage you to apply. Your application will be even stronger if you can also demonstrate the following desirable criteria:

• ISO 27001 Foundation or Information Security Fundamentals certification.
• 27001 Lead Auditor certification (or willingness to work towards it).
• Experience delivering security awareness programmes.
• Experience working with security risk frameworks.

For a detailed job description, please refer to the link at the bottom of the advert on our careers site.

We are a Disability Confident (DC) employer that is committed to equality and inclusion ensuring our recruitment process is accessible to all. The DC scheme's Offer of an Interview commitment applies to applicants who opt in, and disclose a disability or a long-term health condition, and best meet the minimum criteria for the role. In instances where interviewing all qualifying candidates is not practicable, we prioritise those who best meet the minimum criteria, as we would for applicants who do not have a disability or long-term health condition.

Please note, Cambridge University Press & Assessment is unable to sponsor this role under the Skilled Worker Visa route as it does not meet the minimum skill requirements.

Rewards and benefits

We will support you to be at your best in work and to live well outside of it. In addition to competitive salaries, we offer a world-class, flexible rewards package , featuring family-friendly and planet-friendly benefits including:

• 28 days annual leave plus bank holidays
• Private medical and Permanent Health Insurance
• Discretionary annual bonus
• Group personal pension scheme
• Life assurance up to 4 x annual salary
• Green travel schemes

Ready to pursue your potential? Apply now.

We aim to support candidates by making our interview process clear and transparent. The closing date for all applications will be 17 th April 2026 . We will review applications on an ongoing basis, and shortlisted candidates can expect interviews to take place shortly after it closes.

If you are shortlisted and progressed through the stages, you can expect:

• First stage virtual interview via MS Teams.
• Final stage interview: in-person at our offices in Cambridge

If you require any reasonable adjustments during the recruitment process due to a disability or a long-term health condition, there will be an opportunity for you to inform us via the online application form. We will do our best to accommodate your needs.

Please note that successful applicants will be subject to satisfactory background checks including DBS due to working in a regulated industry.

We are committed to an equitable recruitment process. As such, applications must be submitted via our official online application procedure. Please refrain from sending your CV directly to our recruiters. If you experience technical difficulties or require additional support with submitting your online application, contact the Recruiter.

Why join us

Joining us is your opportunity to pursue potential. You will belong to a collaborative team that is exploring new and better ways to serve students, teachers and researchers across the globe - for the benefit of individuals, society and the world. Sharing our mission will inspire your own growth, development and progress, in an environment which embraces difference, change and aspiration.

Cambridge University Press & Assessment is committed to being a place where anyone can enjoy a successful career, where it is safe to speak up, and where we learn continuously to improve together. We welcome applications from all candidates, regardless of demographic characteristics (age, disability, educational attainment, ethnicity, gender, marital status, neurodiversity, religion, sex, gender identity and sexual identity), cultural, or social class/background.

We believe better outcomes come through diversity of thought, background and approach. We welcome applications from people from all backgrounds and communities, actively seeking to employ people from a wide range of different communities.

Documents

• Security Governance Analyst Job Description March26.pdf (83.17 KB)