Cyber Compliance Policy Analyst

Job Title: Cyber Compliance Policy Analyst

Location: Any Hub

Contract and working pattern: Hybrid, permanent

As a Cyber Compliance & Policy Analyst, you will ensure AG Barr meets its legal and regulatory obligations, driving compliance across cyber and data protection domains. Your focus will be on the UK GDPR and NIS2 compliance frameworks and the cyber security policy library.

• Own UK GDPR & NIS2 compliance within the Digital and Technology function, keeping registers current and audit ready.
• Support data security breach governance and maintain incident procedures, ensuring seamless readiness alongside our Legal team to meet the ICO's 72 hour notification window.
• Maintain the cyber security policy library, updating frameworks to align with evolving regulations.
• Drive policy adoption across the business, working with HR to track employee awareness and manage exceptions.
• Coordinate the penetration testing programme, managing vendor procurement, scoping, and logistics.
• Track vulnerability remediation by logging test findings in our risk management tool, Optro, and ensuring swift closure by technical teams.

• Compliance experience managing regulatory programmes for UK GDPR and at least one other cyber/data regulation.
• Working knowledge of NIS2 security obligations and UK GDPR requirements (including DPIAs and breach responses).
• Policy writing skills, with the ability to translate technical security requirements into clear employee guidance.
• Penetration test coordination experience, including scoping tests and tracking technical findings to resolution.
• Experience utilising GRC software or audit tracking platforms (Optro or equivalent) to log, assign, and track technical vulnerabilities and remediation progress through to closure.
• A methodical mindset with the discipline to track obligations and maintain accurate compliance documentation.

And it would also be great if you can demonstrate:

• Relevant certifications such as BCS Data Protection Practitioner, CIPP/E, or ISO 27001 Lead Implementer.
• Stakeholder management skills to collaborate effectively across Legal, HR, external providers, and regulators.

• Uncapped bonus linked to business performance
• Defined contribution Pension
• Up to 34 days holiday (depending on shift pattern)
• Flexible holiday trading
• Flexible cash pot to spend on benefits
• Healthcare Cash Plan
• Flexible benefits e.g. discounts & cashbacks, gym memberships, technology purchases etc
• Life assurance
• Save as you earn scheme
• Staff sales discount
• Free AG Barr products throughout your working day and staff sales
• Annual salary review
• Ongoing professional development and access to Learning and Development programmes and content

We are an equal opportunities employer and happy to discuss any reasonable adjustments that may be needed for successful candidates with a disability, health or mental health condition.

While we have highlighted our ideal requirements for this role, we are realistic that the successful candidate probably won't meet every single requirement in this advert, but we encourage you to submit an application - you may be just what we are looking for!

Speculative CVs from agencies will not be accepted.

Please note, we may close vacancies early where we receive significant numbers of applications, so apply now!