Security and Compliance Administrator

We’re working with a software business operating in a highly regulated environment where systems and processes must be consistent, controlled and audit-ready at all times.

They have a strong technical security capability in place and are now looking for someone to take ownership of the process, documentation and governance that underpins it.

You’ll manage Cyber Essentials and Cyber Essentials Plus, support ISO 27001 across its lifecycle, and ensure the business is always prepared for audit. This includes coordinating audits, maintaining policies and documentation, and keeping everything current, approved and accessible.

You’ll maintain the risk register, track actions from audits and reviews, and ensure these are followed through to completion. You’ll also oversee governance processes such as access reviews and joiner, mover and leaver controls, ensuring they are consistent and properly evidenced.

Working closely with technical teams and stakeholders across the business, you’ll translate activity into clear, audit-ready outputs. You’ll also manage supplier security questionnaires and third-party assurance.

This role would suit someone with experience supporting ISO 27001 or similar frameworks, with exposure to Cyber Essentials or Cyber Essentials Plus. You’ll be organised, detail-focused and comfortable working across both technical and non-technical teams.

In return, you’ll step into a role with real ownership and play a key part in maintaining high standards of security and compliance across the business.