Compliance Analyst

CompanyLuminance

LocationCambridge, England, United Kingdom

Posted At2/19/2026

UK Visa Sponsorship Analytics

Occupation Type

Quality assurance and regulatory professionals

Occupation Code Skill LevelHigher Skilled

Sponsorship Salary Threshold

£48,200 (£24.72 per hour)

Occupation rate applies

Above analytics are generated algorithmically based on job titles and may not always be the same as the company's job classification. You can also check detailed occupation eligibility, and salary criteria on our UK Visa Eligible Occupations & Salary Thresholds page.

Disclaimer: Hunt UK Visa Sponsors aggregates job listings from publicly available sources, such as search engines, to assist with your job hunting. We do not claim affiliation with Luminance. For the most up-to-date job details, please visit the official website by clicking "Apply Now."

Description

This is a fantastic opportunity to join Luminance, the pioneer of Legal-Grade™ AI for enterprise. Backed by internationally renowned VCs and named in both the Forbes AI 50 list of ‘Most Promising Private AI Companies in the World' and Inc. 5000's ‘Fastest Growing Companies in America', Luminance is disrupting the legal profession around the globe.

Luminance is seeking a hands-on Compliance Analyst to support the operation and continuous improvement of our information security compliance programmes, including ISO/IEC 27001:2022, SOC 2 (Type I & II), and CMMC Level 1.

This role is responsible for maintaining audit defensibility while ensuring compliance processes are proportionate, scalable, and aligned with business growth. The successful candidate will work closely with Security, Procurement, Legal, and Engineering teams to embed structured, pragmatic, and repeatable compliance practices across the organisation.

Responsibilities

Compliance Programme Management

Maintain and operate the ISO/IEC 27001:2022 ISMS
Support ongoing SOC 2 (Type II) and CMMC Level 1 compliance programmes
Manage compliance calendars, testing cycles, and control monitoring activities
Coordinate external audits (ISO surveillance/recertification, SOC 2, CMMC)

Control Monitoring & Evidence Management

Perform periodic control checks and collect, validate, and organise audit evidence
Track nonconformities, findings, and corrective actions through to closure
Escalate material control gaps or risks to the Information Security Manager

Third-Party Risk & Supplier Due Diligence

Define and operate a proportionate, tiered supplier due diligence model
Work with Procurement to ensure appropriate questionnaires and documentation are issued and completed
Perform contextual risk assessments and provide compliance sign-off

Partner with Legal where contractual or regulatory review is required

Process Design & Scalability

Formalise structured, repeatable compliance workflows that scale with business growth
Identify opportunities to reduce manual effort through automation or process improvement
Maintain and evolve the risk register and remediation tracking processes
Support awareness and training initiatives to improve organisational compliance maturity

Requirements

Demonstrable experience in information security compliance, IT audit, or Governance, Risk & Compliance (GRC)
Working knowledge of ISO/IEC 27001:2022 and/or SOC 2 Trust Services Criteria
Experience supporting audits and managing evidence collection
Strong organisational, documentation, and stakeholder coordination skills
Ability to interpret regulatory and control requirements and translate them into practical business processes
Excellent written and verbal communication skills

Desirable (but Not Essential)

ISO 27001 Internal Auditor certification
Experience in SaaS or cloud-based environments
Familiarity with CMMC and NIST SP 800 frameworks
Working knowledge of risk management frameworks (ISO 31000, NIST RMF, FAIR)
Experience with GRC platforms (e.g., Drata, Vanta, Secureframe)
Exposure to AWS security controls