Join one of the UK’s largest electrical wholesalers as we reimagine our technology for the digital age. We’re modernising our legacy systems and building new platforms powered by AWS and AI — and we need creative minds to help us shape the future!

About the role:

You’ll be joining a close-knit, highly capable security team who genuinely enjoy working together and take pride in what they deliver. It’s a collaborative environment where ideas are shared openly, support is always there when you need it, and everyone is trusted to get on with their work without unnecessary layers or noise. There’s a strong sense of accountability, but also a lot of flexibility and understanding — people here back each other and celebrate progress together.

From a technical perspective, you’ll help evolve our governance framework, strengthen existing controls and play a key role in achieving and maintaining certifications such as ISO27001. We’re looking for someone who has been through that journey before and can bring a pragmatic, delivery-focused approach. You’ll need to be comfortable operating in a business that’s evolving quickly, able to balance structure with flexibility, and confident working with stakeholders at all levels. Just as importantly, you’ll be someone who listens, builds trust easily and brings a calm, thoughtful approach to problem-solving.

Responsibilities:

Working closely with the Governance and Compliance Manager (located in South Yorkshire, UK)

Working closely with the Head of Information Security (located in North Yorkshire, UK)

Leading the implementation and the changes required to help CEF to gain ISO27001 and additional certifications (such as ISO42001) as deemed necessary by the business

Support CEF maintain security certifications (Cyber Essentials, PCI) and support activities to enhance security controls

Auditing and reviewing security controls, policies and procedures to ensure alignment with current ways of working and best practice

Undertaking security control gap analysis and proposing strategies to remediate or reduce any observed risks

Supporting other Governance, Risk and Compliance team members in completing 3rd party supplier activities such as security due diligence reviews and client information security questionnaires

Working with the Governance and Compliance Manager to foster a culture of continuous security training and upskilling for all team members as well as all colleagues within CEF

Supporting security governance measures and policies for AWS cloud security

Working with the Governance and Compliance manager to identify, assess and prioritise potential information and data governance risks and issues across the business (including products, solutions, systems, data, people and processes), and through effective partnering relationships with business leaders, ensure that effective actions and controls are in place to mitigate those risks

Essential Experience:

Previous experience in an operational information security role, engaging and communicating successfully with senior stakeholders across different business areas to address and ensure information security compliance.
Previous experience gaining or maintaining ISO27001 certification
Proven experience of defining the information security policies, controls and processes to manage an organisations’ risk position
Proven experience of utilising Information Security principles and best practices such as ISO 27001, NIST, NCSC, PCI DSS requirements and other regulatory obligations.
Experience in risk and vulnerability management
AWS certifications in Security
Ability to travel to Durham UK and other UK CEF sites as and when required.

What We Offer:

Work from anywhere in the UK – we aim to come together multiple times a year in our office in Durham so you must be willing to travel when required.

Annual discretionary bonus

25 days holiday plus UK bank holidays.

Company pension scheme.

Access to Champion Health – the “Netflix of wellbeing”, covering physical, mental and financial wellbeing.

Access to MySavings Platform, offering discounts and vouchers across groceries, dining out, gym memberships, days out, experiences and travel.

Access to Light Up Learning, our platform for leadership, technical and personal development.

Free use of our onsite gym at Janet Nash House, Durham.

About Us:

Founded in 1951 in Kenilworth, UK, City Electrical Factors (CEF) has grown into a world-leading electrical wholesale and manufacturing business with over 400 branches across the UK and a strong presence in the USA, Canada, Spain and Australia.

Our IT and digital teams are driving the next chapter of our journey... Re-engineering legacy systems, adopting modern cloud technologies and exploring AI to deliver faster, smarter and more connected customer experiences.

We’re a predominantly remote workforce with teams distributed across the UK, USA, Canada, Spain and Australia. Our culture is collaborative, forward-thinking and people-focused — where your ideas and contributions genuinely matter.

Our Mission:

City is a world leading electrical wholesale and manufacturing business providing electrical products to the industry. We in IT are delivering value to our business and our customers with the implementation of packaged software and bespoke engineering for the digital age using AWS serverless technology. We need talented and creative people across all areas to join us in rearchitecting our forward thinking business over the next few years and beyond as we evolve.

Find Out More:

Find Out More About Us | More about IT | Find your local branch | Find our Privacy Notice here

Ready to Apply?

If you’re excited by technology, value collaboration and want to make a genuine impact, we’d love to hear from you. Click Apply to get started!

Cybersecurity Jobs List

Senior Governance, Risk and Compliance Analyst

About the role:

Responsibilities:

Essential Experience:

What We Offer:

Categories

Skills