City Electrical Factors Jobs

Senior Governance, Risk and Compliance Analyst

City Electrical Factors

Senior Governance, Risk and Compliance Analyst

Posted 3 Days Ago

Be an Early Applicant

Basted, Tonbridge and Malling, Kent, England, GBR

Hybrid

Senior level

Energy • Industrial

The Role

Lead governance, risk and compliance activities to achieve and maintain security certifications (ISO27001, Cyber Essentials, PCI). Audit controls, perform gap analysis, remediate risks, support third-party security due diligence, and strengthen AWS cloud security policies while partnering with stakeholders to embed security training and continuous improvement.

Summary Generated by Built In

Join one of the UK’s largest electrical wholesalers as we reimagine our technology for the digital age. We’re modernising our legacy systems and building new platforms powered by AWS and AI — and we need creative minds to help us shape the future!

About the role:

You’ll be joining a close-knit, highly capable security team who genuinely enjoy working together and take pride in what they deliver. It’s a collaborative environment where ideas are shared openly, support is always there when you need it, and everyone is trusted to get on with their work without unnecessary layers or noise. There’s a strong sense of accountability, but also a lot of flexibility and understanding — people here back each other and celebrate progress together.

From a technical perspective, you’ll help evolve our governance framework, strengthen existing controls and play a key role in achieving and maintaining certifications such as ISO27001. We’re looking for someone who has been through that journey before and can bring a pragmatic, delivery-focused approach. You’ll need to be comfortable operating in a business that’s evolving quickly, able to balance structure with flexibility, and confident working with stakeholders at all levels. Just as importantly, you’ll be someone who listens, builds trust easily and brings a calm, thoughtful approach to problem-solving.

Responsibilities:

Working closely with the Governance and Compliance Manager (located in South Yorkshire, UK)

Working closely with the Head of Information Security (located in North Yorkshire, UK)

Leading the implementation and the changes required to help CEF to gain ISO27001 and additional certifications (such as ISO42001) as deemed necessary by the business

Support CEF maintain security certifications (Cyber Essentials, PCI) and support activities to enhance security controls

Auditing and reviewing security controls, policies and procedures to ensure alignment with current ways of working and best practice

Undertaking security control gap analysis and proposing strategies to remediate or reduce any observed risks

Supporting other Governance, Risk and Compliance team members in completing 3rd party supplier activities such as security due diligence reviews and client information security questionnaires

Working with the Governance and Compliance Manager to foster a culture of continuous security training and upskilling for all CEF team members

Supporting security governance measures and policies for AWS cloud security

Working with the Governance and Compliance manager to identify, assess and prioritise potential information and data governance risks and issues across the business (including products, solutions, systems, data, people and processes), and through effective partnering relationships with business leaders, ensure that effective actions and controls are in place to mitigate those risks

Essential Experience:

Previous experience in an operational information security role, engaging and communicating successfully with senior stakeholders across different business areas to address and ensure information security compliance.
Previous experience gaining or maintaining ISO27001 certification
Proven experience of defining the information security policies, controls and processes to manage an organisations’ risk position
Proven experience of utilising Information Security principles and best practices such as ISO 27001, NIST, NCSC, PCI DSS requirements and other regulatory obligations.
Experience in risk and vulnerability management

What We Offer:

Work from anywhere in the UK – we aim to come together multiple times a year in our office in Durham so you must be willing to travel when required.

Annual discretionary bonus

25 days holiday plus UK bank holidays.

Company pension scheme.

Access to Champion Health – the “Netflix of wellbeing”, covering physical, mental and financial wellbeing.

Access to MySavings Platform, offering discounts and vouchers across groceries, dining out, gym memberships, days out, experiences and travel.

Access to Light Up Learning, our platform for leadership, technical and personal development.

Free use of our onsite gym at Janet Nash House, Durham.

About Us:

Founded in 1951 in Kenilworth, UK, City Electrical Factors (CEF) has grown into a world-leading electrical wholesale and manufacturing business with over 400 branches across the UK and a strong presence in the USA, Canada, Spain and Australia.

Our IT and digital teams are driving the next chapter of our journey... Re-engineering legacy systems, adopting modern cloud technologies and exploring AI to deliver faster, smarter and more connected customer experiences.

We’re a predominantly remote workforce with teams distributed across the UK, USA, Canada, Spain and Australia. Our culture is collaborative, forward-thinking and people-focused — where your ideas and contributions genuinely matter.

Our Mission:

City is a world leading electrical wholesale and manufacturing business providing electrical products to the industry. We in IT are delivering value to our business and our customers with the implementation of packaged software and bespoke engineering for the digital age using AWS serverless technology. We need talented and creative people across all areas to join us in rearchitecting our forward thinking business over the next few years and beyond as we evolve.

Find Out More:

Find Out More About Us | More about IT | Find your local branch | Find our Privacy Notice here

Ready to Apply?

If you’re excited by technology, value collaboration and want to make a genuine impact, we’d love to hear from you. Click Apply to get started!

Skills Required

Previous experience in an operational information security role engaging senior stakeholders
Previous experience gaining or maintaining ISO27001 certification
Proven experience defining information security policies, controls and processes
Proven experience with information security frameworks and standards (ISO27001, NIST, NCSC, PCI DSS)
Experience in risk and vulnerability management
Experience auditing and reviewing security controls, policies and procedures
Experience performing security control gap analysis and proposing remediation strategies
Experience supporting third-party supplier security due diligence and information security questionnaires
Knowledge of AWS cloud security and supporting governance measures for cloud environments

View all jobs at City Electrical Factors

View City Electrical Factors Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

2,697 Employees

Year Founded: 1951

What We Do

City Electrical Factors (CEF) is the largest distributor of electrical products in the United Kingdom. Founded in 1951, the company operates over 400 branches, providing a wide range of electrical, hardware, plumbing, and heating equipment to professional contractors and the public. They are known for their extensive product range, including cables, power tools, and renewable energy solutions like solar and EV charging equipment.