IT Compliance Officer

Overall Purpose

The IT Compliance Officer is responsible for ensuring that the companys IT systems, processes and practices comply with internal policies, regulatory standards, and industry best practices. This role plays a critical part in minimising IT-related risks, maintaining data privacy, and supporting audits and certifications.

Principal Accountabilities

• Develop, implement, and maintain IT compliance policies, procedures, and controls aligned with regulatory and industry standards (e.g., GDPR, ISO 27001, CMMC).
• Monitor IT systems and operations to ensure ongoing compliance and identify potential risks or control gaps.
• Maintain accurate compliance documentation, audit evidence, and regulatory records.
• Track, analyse, and report compliance metrics, risk indicators, and remediation progress to management.
• Stay current with regulatory changes and assess their impact on organisational systems and controls.
• Plan, support, and coordinate internal and external IT audits, including preparation, evidence gathering, and remediation tracking.
• Conduct periodic compliance assessments to identify risks, vulnerabilities, and control deficiencies.

Evaluate and manage third-party compliance risks, including vendor risk assessments and due diligence.

Participate in the investigation, resolution, and documentation of IT and security incidents, ensuring corrective actions are implemented.

Collaborate with IT, security, legal, and business teams to resolve compliance issues and strengthen controls.

Deliver compliance, data protection, and cybersecurity awareness training to staff.

Promote compliance best practices and support a culture of security and accountability across the organisation.

Support out-of-hours escalations and respond to major IT or security incidents where reasonably required.

Travel within and outside the UK as required.

Maintain compliance with Health and Safety policies and contribute to a safe working environment.

To carry out any other tasks where reasonable and relevant, when required

Qualifications

ISO/IEC 27001 Foundation, Lead Implementer, Lead Auditor related certifications

Cyber certifications such as CompTIA Security+ (desirable)

IT certifications such as CompTIA A+, Network+ (desirable)

Essentialrequirements

• Hands-on experience managing or supporting compliance programmes, such as: ISO/IEC 27001,Cyber Essentials / Cyber Essentials Plus, NIST frameworks, EASA Part-IS (for aviation), GDPR / data protection compliance & DFARS/CMMC
• Awareness of security protocols, cryptography, and security technologies
• Ability to analyse risks, incidents, or compliance gaps and propose remediation
• Ability to explain compliance topics clearly to technical and non-technical staff
• Ability and enthusiastic approach to pick up new technologies and learn them
• Ability to work independently while collaborating in a team environment
• Ability to work under pressure and to deadlines
  
  

Desirablerequirements

• Hands on experience of tools such as Microsoft 365 Compliance Centre / Purview
  
  

Company Benefits

• Health Care Cash Plan*
• Contributory Pension Scheme for eligible employees
• Employee Assistance Programme*
• 24 days holiday (in addition to UK Bank and public holidays)
• Life Assurance
• Company Sick Pay Scheme*
• Free car parking
• Early finish on Fridays (1.00pm)
• Flexible Working
• Sports & Social Club
• Cafe facilities at New Facility
• Free Gym membership**
  
  

(*Available after 1 year of service)

(**Available at Rochford site only)

LNKD1_UKTJ