Compliance and Information Governance Manager
Why - PE backed / high growth SaaS Vendor
Location - remote in England, travel to Reading area office monthly
- Have you been in a Compliance, Data Protection, or Information Governance role in a growing technology or SaaS business?
- Do you have strong Data Protection, GDPR, and Governance experience and knowledge?
- Do you want to build and shape a commercially minded Compliance function?
A PE backed and growing SaaS vendor are looking for a Compliance and Information Governance Manager. This is a hands-on, delivery-focused role responsible for operating and maintaining the organisation’s data protection, information security, ISO27001, and compliance policy frameworks. The role is operational in nature, not legal or strategic, and focuses on execution, maintenance, and evidence of compliance in day-to-day operations.
This is a great opportunity to use your experience and knowledge to shape the role, function, and growth of the business.
Compliance and Information Governance Manager - Responsibilities
- Operate and maintain GDPR governance (RoPA, DPIAs, SARs, RTBF)
- Act as the company DPO with reporting line to the CEO for this activity
- Act as operational data protection lead
- Maintain and operate ISO27001 and ISMS artefacts
- Support audits, evidence collation and remediation tracking
- Maintain risk register and compliance action plans
- Own internal compliance policy lifecycle
- Support customer and vendor assurance (DDQs)
- Support compliance aspects of incidents and escalations
- Embed compliance into IT, Product and Operational processes
Compliance and Information Governance Manager - Requirements
- 8+ years' experience in compliance, data protection or information governance
- Proven GDPR operational ownership in SaaS or regulated environments
- ISO27001 audit readiness and maintenance experience
- Experience working closely with technology and engineering teams
- Degree-level qualification or equivalent professional experience in Information Security, IT, Computer Science, Data Protection, Compliance or Risk Management
- Demonstrable experience operating compliance frameworks within technology-led or SaaS environments
- Certified Data Protection Officer (DPO)
- ISO 27001 Lead Auditor
- Recognised GDPR practitioner certification (UK GDPR and/or EU GDPR)
For more information please contact Katie at Matched Group