Information Security Analyst

The Lanes Group are the UK’s largest independent provider of water and wastewater solutions and services we play a vital role in always maintaining the seamless operations of the nation's water systems.

Formed in 1992 our half a billion-pound turnover ensures continued expansion for market share. Our key differentiator is our 4,000 staff and our resource pool that includes the most innovative fleet plant and equipment the market has to offer.

We are the UK’s largest end‑to‑end drainage solution provider with depots strategically located across the UK from Aberdeen to Plymouth to ensure round‑the‑clock coverage for customers and clients alike.

We are seeking an Information Security Analyst to support the development and maintenance of our governance, risk and compliance activities. The successful candidate will play a key role in ensuring the organisation remains compliant with Cyber Essentials, ISO 27001 and GDPR requirements while also supporting wider security awareness initiatives. This role is best suited to someone with a strong eye for detail, excellent documentation skills and an interest in building a career within information security governance. Occasional travel to regional sites is required, therefore a UK driving licence is essential.

Midlands

£32,000 – £37,000 per year

Full‑time Monday to Friday (37.5 hrs per week) with flexible working options.

• Career progression into governance, risk and compliance leadership roles.
• Support with professional training and certifications.
• Opportunity to influence the organisation’s security maturity and compliance journey.
• 24 days holiday plus bank holidays.
• Pension.
• Death in service benefits.

• Assist with the coordination and maintenance of ISO 27001 compliance audits and documentation.
• Support Cyber Essentials certification gathering evidence and tracking remediation actions.
• Maintain accurate logs and reports for backup checks, access reviews and other compliance processes.
• Support GDPR obligations including Subject Access Requests (SARs) ensuring secure and timely delivery.
• Produce reports and metrics for management on compliance status and risks.
• Track and assess third‑party supplier risks.
• Contribute to security awareness training and communications across the organisation.
• Provide governance input to IT and business projects ensuring security requirements are considered from the outset.

• 25 years experience in IT compliance or data‑related roles.
• Familiarity with Microsoft 365 and Azure from a compliance/security perspective.
• Exposure to security frameworks such as ISO 27001 or Cyber Essentials.
• Working towards security or governance certifications (e.g. CompTIA Security, ISO 27001 Lead Implementer, CISMP).

• Strong attention to detail and documentation skills.
• Analytical mindset with the ability to interpret policies and standards.
• Effective communicator able to explain requirements across different teams.
• Organised and capable of handling multiple tasks simultaneously.

In joining the Lanes Group, the UK’s largest independent provider, we are committed to fostering a workplace culture that prioritises the well‑being, growth and safety of our employees. Through continuous training, professional development opportunities and a supportive environment that values every individual’s unique contribution, we empower our team to uphold the highest standards of integrity, collaboration and inclusivity.

This position is open to internal and external candidates. Any internal candidates currently employed within a division of the Lanes Group must complete an Internal Application form and submit to recruitment.

The Lanes Group plc comprises a range of established service‑provider subsidiaries that complement the specialist service of Lanes by both work type and geography, increasing our overall capability assets and offering to our customers.

Lanes – I – – – – are an equal opportunities employer and welcome applications from under‑represented members of the community.