Policy Support Lead

The Policy Support Analyst will be responsible for developing, implementing, and maintaining security policies, standards, and procedures to ensure the protection of our information assets. This role requires a good understanding of security frameworks and regulatory requirements and experience in Information Security.

The role will be based in Reading and will report directly to the Head of Governance, Risk and Compliance. You will work to deliver the company's goals to have a fit‑for‑purpose security standards framework. This role requires the individual to be able to work independently, thrive in a challenging fast‑paced environment, and take accountability to meet and drive the needs of the programme.

Security Standards Management

• Develop and maintain comprehensive security policies, standards and procedures across the organisation.
• Align all standards with applicable regulatory requirements and frameworks (e.g., ISO 27001, GDPR, NIS‑R).
• Review and update standards regularly in response to emerging threats and regulatory changes.

Governance & Compliance

• Oversee the exception management framework, including reporting, approvals and reviews prior to expiry.
• Monitor compliance with security policies and standards across digital and business teams.
• Act as the primary point of contact for internal and external audits related to security standards.

Service Delivery & Operations

• Coordinate the annual standards review cycle, ensuring timely updates and stakeholder engagement.
• Support the publication and socialisation of new or revised standards to ensure organisation‑wide awareness.
• Collaborate with cross‑functional teams to embed security best practices into digital processes.

Stakeholder & Communications Management

• Build and maintain relationships with key stakeholders including the CISO, CIO, architecture teams, programme delivery and business owners.
• Provide clear, engaging, and relevant communication and training around security standards.
• Deliver security messaging both in person and virtually, ensuring consistency and clarity.

Continuous Improvement

• Track policy effectiveness and recommend enhancements to improve standard adoption and compliance.
• Stay informed of the latest security regulations, technologies and industry best practices to ensure standards remain current and effective.

Base location – Hybrid – Clearwater Court, Reading.

Working pattern – 36 hours Monday to Friday.

Essential Experience

• Experience in information security or a related governance role.
• Experience applying security frameworks and regulatory requirements (CIS, GDPR, NIS‑R).
• Experience collaborating across multiple business areas and functional teams.
• Proven ability to work independently, with strong stakeholder management capabilities.

Essential Technical Skills & Qualifications

• Strong written and verbal communication skills with the ability to deliver complex messages clearly.
• Skilled in exception management, reporting and compliance monitoring.

Desirable Experience

• Experience in maintaining security standards and exception frameworks.
• Exposure to information risk management processes and controls.

Desirable Technical Skills & Qualifications

• Relevant certifications such as CISSP, CISM or CISA.

Desirable Competencies

• Strong relationship building and collaboration skills.
• Excellent organisational and time management skills.
• Ability to influence stakeholders and drive compliance in a matrixed environment.

• Competitive salary up to £60,000 per annum, depending on experience.
• Annual leave – 26 days holiday per year, increasing to 30 with length of service (plus bank holidays).
• Performance‑related pay plan directly linked to both company and individual performance measures and targets.
• Generous pension scheme through AON.
• Benefit package including annual health MOTs, access to physiotherapy and counselling, Cycle to Work scheme, shopping vouchers, and life assurance.

We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people, and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.

We’re committed to being a great, diverse, and inclusive place to work. We welcome applications from everyone and want to ensure you feel supported throughout the recruitment process. If you need any adjustments, whether that’s extra time, accessible formats, or anything else just let us know. We’re here to help and support.

Disclaimer: Due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.