Compliance & Governance Analyst - SC Cleared

Compliance & Governance Analyst – SC Cleared Contract | National Infrastructure | NIS Regulations | Hybrid SR2 are hiring for a Compliance & Governance Analyst to support the Governance, Risk & Compliance (GRC) function within a critical national infrastructure client. This role will play a pivotal part in helping the organisation meet its obligations under the Network and Information Systems (NIS) Regulations, particularly in the context of national infrastructure such as tunnels and, in future, bridges reliant on operational technologies (OT).You’ll work closely with asset owners and operational teams to refine and embed compliance frameworks, support risk and policy maturity, and evidence alignment with regulatory standards. While there is a developing control testing capability in place, your focus will be on driving business change, supporting governance through engagement, and bringing compliance processes to life.Key Responsibilities NIS Compliance Delivery

• Support the implementation and continuous improvement of processes that meet NIS obligations across operational infrastructure (e.g., tunnels, bridges).
• Collaborate with tunnel owners and asset stakeholders to ensure their awareness of compliance requirements, training needs, and governance expectations.
• Assist with documenting and refining compliance processes and policies, ensuring they are usable, adopted, and auditable.

Governance & Stakeholder Engagement

• Act as a key liaison between GRC and operational/engineering teams, ensuring clear understanding of governance frameworks and roles.
• Contribute to the development of business-led governance practices that align with compliance standards.
• Engage with stakeholders to surface gaps in training, knowledge, and governance capabilities.

Risk & Cyber Focus

• Contribute to cyber and operational risk assessments by engaging with the security and compliance teams.
• Support the evolution of risk reporting and refinement of current assessment standards and frameworks.
• Help draft structured processes for how the business reports, tracks, and responds to emerging risks.

Audit & Assurance Readiness

• Deliver clear, structured evidence of compliance to internal compliance teams, enabling future audit readiness.
• Contribute to the creation of evidence packs that demonstrate policy adoption and NIS alignment in day-to-day operations.

Essential Skills & Experience

• Proven experience in compliance, risk, or governance roles — ideally in regulated, public sector, or infrastructure-heavy environments.
• Understanding of the Network and Information Systems (NIS) Regulations or similar frameworks related to critical infrastructure protection.
• Comfortable engaging with both OT (Operational Technology) and IT stakeholders in environments with aging technology and evolving digital maturity.
• Skilled at process and policy drafting, with a pragmatic focus on stakeholder adoption and clarity.
• Excellent interpersonal skills, capable of building rapport and influencing governance behaviours across business units.
• Strong documentation and evidence-building skills to support internal compliance and audit activity.