Security Compliance Analyst

About the role

SD Worx is seeking a Security Compliance Analyst to support its Group Risk & Security team. You will help manage the information security management system (ISMS) across the organization, ensuring that security controls meet internal policies and external regulations.

Key responsibilities

• Conduct information security risk assessments and comprehensive gap analyses.
• Monitor and improve the maturity of the ISMS.
• Follow up on open risk treatment plans.
• Assist senior team members in planning, coordinating, and attending external audits.
• Collaborate with internal and external stakeholders to demonstrate security expertise.
• Respond to generic information‑security queries from customers and internal teams.
• Build and maintain security metrics for the enterprise security program.
• Deliver security and privacy training sessions.
• Administer corporate phishing test campaigns and conduct awareness sessions.
• Review and propose updates to security policies in line with emerging trends.

Required profile

• Degree in Information Technology, Cyber Security, Computer Science or related field.
• Minimum 4 years of relevant experience, preferably in financial services or consulting.
• Experience conducting information‑security reviews or internal audits.
• Familiarity with ISO 27001/2, NIST Cybersecurity Framework, and CIS Critical Security Controls.
• ISO 27001 Lead Implementer/Auditor or similar certification is a plus.
• Strong communication skills and ability to explain technical concepts clearly.

Required skills

• ISO 27001/2
• NIST Cybersecurity Framework
• CIS Critical Security Controls