Job Specifications
Information Security Compliance Analyst
An exciting opportunity for an experienced Compliance Analyst to join a market-leading, disruptive AI software company as they continue to strengthen and scale their information security compliance programmes.
Working within a high-growth SaaS environment, you will play a key role in maintaining and enhancing frameworks, including ISO/IEC 27001:2022, SOC 2 (Type I & II), and CMMC Level 1. This is a hands-on role focused on ensuring audit defensibility while embedding structured, proportionate, and scalable compliance processes aligned with business growth.
You will work closely with Security, Procurement, Legal, Platform (SRE), and Engineering teams to implement pragmatic and repeatable compliance practices across the organisation.
Location: London – 3 days in office / 2 days remote
Salary: Negotiable + comprehensive benefits package
Requirements for Compliance Analyst:
Demonstrable experience within information security compliance, IT audit, or Governance, Risk & Compliance (GRC)
Working knowledge of ISO/IEC 27001:2022 and/or SOC 2 Trust Services Criteria
Experience supporting external audits and managing structured evidence collection
Strong organisational, documentation, and stakeholder coordination skills
Ability to interpret regulatory and control requirements and translate them into practical, scalable business processes
Desirable:
ISO 27001 Internal Auditor certification
Experience within SaaS or cloud-based environments
Familiarity with CMMC and NIST SP 800 frameworks
Responsibilities for Compliance Analyst:
Maintain and operate the ISO/IEC 27001:2022 Information Security Management System (ISMS)
Support ongoing SOC 2 (Type II) and CMMC Level 1 compliance programmes
Manage compliance calendars, control monitoring activities, and testing cycles
Coordinate external audits, including ISO surveillance/recertification, SOC 2, and CMMC
Perform periodic control checks and collect, validate, and organise audit evidence
Track nonconformities, findings, and corrective actions through to closure
Maintain and evolve the risk register and remediation tracking processes
Support awareness and training initiatives to improve overall compliance maturity
What this offers:
Working for an industry-leading AI software company operating at the forefront of innovation
A hands-on compliance role with real ownership across ISO 27001, SOC 2, and CMMC frameworks
The opportunity to influence and scale security governance within a growing SaaS business
A competitive salary and comprehensive benefits package
Applications:
If you are an experienced Compliance or GRC professional looking to join a high-growth technology company in a structured yet evolving security environment, we would love to hear from you. Please send an up-to-date CV via the relevant link.
We’re committed to creating an inclusive and accessible recruitment process. If you require reasonable adjustments for your application or during the review process, please highlight this by emailing applications@redtech-recruit.com (if this email address has been removed by the job-board, full details for contact are available on our website).
Keywords: Compliance Analyst / GRC Analyst / Information Security Compliance / ISO 27001 / SOC 2 / CMMC / IT Audit / Governance Risk and Compliance / Risk Analyst / Security Compliance / SaaS Security / GRC Platforms / Drata / Vanta / Secureframe
RedTech Recruitment Ltd focuses on finding roles for Engineers and Scientists. Even if the above role isn’t of interest, please visit our website to see our other opportunities.
We are an equal opportunity employer and value diversity at RedTech. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
About the Company
RedTech Recruitment is a leading STEM recruitment consultancy.
We are best known for helping STEM Graduates through to Post-Doc Researchers find their dream careers in industry.
Due to our expert advice and guidance, many graduates return to RedTech when looking for their second role. In early 2023 we opened a new division helping companies recruit experienced hires, our niche being 1-5 years of commercial experience within tech, engineering, and science.
If you’re looking for high-calibre talent from STEM backgrounds,...