At Burberry, we believe creativity opens spaces. Our purpose is to unlock the power of imagination to push boundaries and open new possibilities for our people, our customers and our communities. This is the core belief that has guided Burberry since it was founded in 1856 and is central to how we operate as a company today.  

We aim to provide an environment for creative minds from different backgrounds to thrive, bringing a wide range of skills and experiences to everything we do. As a purposeful, values-driven brand, we are committed to being a force for good in the world as well, creating the next generation of sustainable luxury for customers, driving industry change and championing our communities.


The Information Security Risk Analyst has a global remit and is an integral member of the Information Security team. The Risk Analyst will conduct information security risk assessments of internal and 3rd Party systems and processes to update the information security risk register, as well as performing commercial and contractual review services alongside other SME’s.

The Risk Analyst has responsibilities spanning information security policies, contractual reviews, risk management, and training and awareness. 


  • Identifying and evaluating IT and Cyber risks and developing relevant methods for remediation
  • Maintaining the Risk Register whilst having the ability to clearly and concisely articulate information security risks to key stakeholders (technical and non-technical), and the ability to prepare materials for senior management.
  • Driving Information Security Governance including, but not limited to, conducting BAU Risk Assessments, reviewing information security policies and standards, supporting contract reviews, and driving compliance around Third Party supply chain defence. 
  • Driving a culture change of understanding and awareness around Cyber Security risks throughout IT and the business. 


In addition, the candidate should have the following skills: 

  • Proven experience of commercial engagements related to Security & Risk
  • A broad understanding of risk and security frameworks and how they are operated 
  • Previous experience of operating at analyst level within Information Security and Risk teams
  • Ability to manage conflicting priorities and multiple tasks
  • Be able to learn quickly and have an aptitude for learning
  • Demonstrate first-class customer service skills


  • Professional qualification in Information Security and Risk, e.g. Certified Information Systems Security Professional (CISSP), ISO27001 Lead Auditor / Implementor, or Certified in Risk and Information Systems Control (CRISC) 


Burberry is an Equal Opportunities Employer and as such, treats all applications equally and recruits purely on the basis of skills and experience.


Posting Notes: United Kingdom || Not Applicable || Leeds || IT || INFORMATION SECURITY || n/a ||

Before you apply -
Register now and turn on alerts for jobs like this!

By registering you agree to our terms and conditions.

No thanks, continue to apply