Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR

Risk & Compliance Analyst - ISO 27001, SOC 2, GDPR

Location: Knutsford (Cheshire) | Office-based
Salary: £35,000 - £45,000 DOE + benefits

About the Role

We're supporting a fast-growing technology company that delivers secure, cloud-based platforms to highly regulated enterprise clients.

They're looking for a Risk & Compliance Officer / Analyst to play a key part in maintaining and improving their information-security and compliance frameworks.

Working closely with senior leadership, you'll help ensure the business remains compliant with standards such as ISO 27001, SOC 2 Type II, and GDPR, while building a culture of risk awareness and continuous improvement.

Key Responsibilities

• Maintain and develop compliance policies, standards, and frameworks across the organisation.
• Support internal and external audits for ISO 27001, SOC 2, and data-protection regulations.
• Conduct regular risk assessments and contribute to risk treatment plans.
• Monitor compliance KPIs, prepare monthly status reports, and present findings to senior stakeholders.
• Review vendor and third-party compliance, ensuring contractual and regulatory obligations are met.
• Deliver compliance awareness and training across teams.
• Provide oversight of physical-security processes, access control, and site audits.

What You'll Bring

• 3 + years' experience in compliance, risk, or information-security roles within cloud-first or regulated environments.
• Strong knowledge of ISO 27001 and SOC 2 Type II controls and audit processes.
• Understanding of GDPR, data-protection, and privacy frameworks.
• Practical experience supporting audit readiness, evidence gathering, and control implementation.
• Excellent attention to detail, analytical thinking, and confident stakeholder communication.
• Relevant certifications welcomed - CRISC, ISO 27001 Lead Implementer / Auditor, CIPP/E, GDPR Practitioner, CISM, or CISA.

Why Apply?

• Join a modern, compliance-driven business where security and governance are at the heart of operations.
• Visible role with direct access to senior leadership and real impact on company policy and certification.
• Opportunity to develop toward senior compliance or GRC management positions.
• Professional, collaborative culture built around accountability, trust, and growth.

To discuss this opportunity in confidence, contact Alex Pitts at Applause IT or apply today.