Senior Information Security Compliance Analyst

We are looking for a Senior Information Security Compliance Analyst to lead and maintain Sodexo’s Information Security Management System (ISMS) and ensure ongoing ISO27001 certification. This role will oversee the delivery of Information Security compliance activities across the UK & Ireland, supporting our PCI‑DSS programme and maintaining Cyber Essentials Plus compliance. The successful candidate will also manage third‑party security assurance across our supplier landscape and work closely with Legal teams to ensure appropriate Information Security requirements are embedded within contracts.

Join Sodexo and be part of something greater. You belong in a team where you can act with purpose and thrive in your own way.

For more information on Sodexo Careers please visit Sodexo Careers

Main Responsibilities

• Build an annual consolidated Information Security Compliance Programme that provides the business, IT of visibility of internal and external Audit & Assurance activity to allow appropriate demand & resource planning
• Deliver effective Security Compliance reporting to inform Risk & Issue reporting to the CISO, IT & Business Senior Leadership
• Ensure Audit & Assurance actions are managed, tracked, and reported through to mitigation

ISO27001

• Ensure the ISMS is managed and maintained in alignment with the Statement of Applicability and ISO27001/2 framework
• Define requirements for the ISMS, document and implement security policies to develop and maintain the ISMS
• Manage and maintain the ISMS document set
• Run regular audits of the activities on locations covered by the ISMS scope
• Develop a plan to scale up ISO27001 practices to a wider scope to improve overall security maturity
• Explore opportunities for consolidation of ISMS where practical and appropriate

PCI-DSS

• Build and maintain a PCI-DSS compliance programme that provides direction and assurance of operational controls to meet Sodexo’s compliance requirements
• Support PCI-DSS compliance efforts in performing and/or coordinating information security audits across payment channels / business segments
• Coordinate and support the PCI-DSS Audit Activity to ensure delivery of the ROC and the AOC

Cyber Essentials +

• Build and maintain a CE+ compliance framework that provides prioritised and targeted assurance activities
• Support CE+ compliance efforts in performing and/or coordinating targeted CE+ compliance monitoring across applicable segments and related Sodexo infrastructure
• Work with internal and external stakeholders to deliver CE+ certifications and recertifications

Please see attached job description for further information regarding the role requirements

The Ideal Candidate

• Expert knowledge and practical experience of ISO27001 certification requirements and ISMS
  documentation
• Expert knowledge and practical experience of PCI DSS certification requirements
• Expert knowledge and practical experience of Cyber Essentials + certification requirements
• Experience of leading and performing internal or external IT audits
• Experience of dealing with third party supplier audits
• Experience of negotiating with stakeholders in designing relevant action plans
• Experience of comprehensive IT internal audit program design and development
• General knowledge of IT environments and technologies
• General Knowledge of Security Architecture or Enterprise Architecture
• Desirable Certifications: CISA, CRISC, QSA, ISO27001 LI, ISO27001 LA.
• Ability to communicate effectively to a wide range of people from various horizons, both written and verbally
• Analytical and problem-solving capabilities
• Proactive and able to overcome obstacles
• Rigorous and organised
• Ability to gain Government Security Clearance

Package Description

Competitive salary depending on experience

Working with Sodexo is more than a job; it’s a chance to be part of something greater

You’ll belong in a company and team that values you for you; you’ll act with purpose and have an impact through your everyday actions; and you’ll be able to thrive in your own way.

In addition, we offer

20+ Sodexo benefits such as Sodexo retirement plan, discounts to over 1,900 brands to shop online, Gym discount to maintain a healthy lifestyle, a confidential 24/7 employee assistance programme providing independent support to overcome whenever life has its obstacles including emotional support, legal and financial advice.

For further details regarding our Sodexo benefits please see attached.

Ready to be part of something greater? Apply today!

About The Company

At Sodexo, our purpose is to create a better everyday for everyone to build a better life for all. As the global leader in services that improve the Quality of Life, we operate in 55 countries, serving over 100 million consumers each day through our unique combination of On-Site Food and FM Services, Benefits & Rewards Services and Personal & Home Services.

We're all about building a workplace for the future, we believe in equal opportunities, and we celebrate diversity. We’re an inclusive workplace, where everyone is welcome, everyone can be natural, and be the best versions of themselves. We recognise that we’re on a journey with regards to diversity and inclusion and would therefore welcome applications for candidates from underrepresented backgrounds.

We’re a Disability Confident Leader employer. We’re committed to changing attitudes towards disability, and making sure disabled people have the chance to fulfil their aspirations. We run a Disability Confident interview scheme for candidates with disabilities who meet the minimum selection criteria for the job.

File Downloads

• UK Rewards and Benefits Guide.pdf
• Senior Information Security Compliance Officer - JD 2026.docx