Key skills
LeadershipProject ManagementCommunication
About this role
Role Overview
- Own the implementation of baseline technology controls
- Work with cross-functional teams to automate evidence collection
- Contribute to the design of scalable governance and issue-management processes
- Translate risk requirements into practical controls
- Track remediation progress and continuously improve controls
- Conduct gap analysis for compliance certification
- Prioritize remediation tasks based on risk assessment
- Influence senior stakeholders across engineering for compliance
Requirements
- 12+ years of experience in technical compliance, security, or risk roles with direct responsibility for audit or certification delivery (ISO, SOC, PCI, UK Cyber Essentials, privacy audits, or similar).
- Demonstrated experience leading end-to-end technical audit certification programs, including scoping, control mapping, evidence collection, remediation, and auditor engagement.
- Proven track record working closely with infrastructure, platform, SRE, and product engineering teams to implement and operationalize controls.
- Hands-on experience building or driving tooling/automation for evidence collection, testing, or compliance reporting.
- Strong program and project management skills with experience coordinating cross-functional work streams and delivering on time against competing priorities.
- Excellent verbal and written communication skills, with experience presenting technical compliance status to auditors, engineers, and senior leadership.
- Solid analytical and risk‑prioritization skills to sequence remediation activities and make data‑driven decisions.
- Experience integrating acquired products or systems into an enterprise compliance posture (preferred).
- Relevant certifications such as CISA, CISSP, ISO Lead Auditor, PCI-related certifications, or equivalent.
Benefits
- Health insurance
- Paid time off
- Flexible working arrangements
- Professional development opportunities