Security Compliance Officer Location: Colchester - Essex - must be commutableSector: Software & IT Services
NO VISA SPONSORSHIP - MUST HAVE VALID RIGHT TO WORK
A leading software and IT services company is seeking a Security Compliance Officer with experience in Cyber Essentials and/or Cyber Essentials Plus to take ownership of security compliance and certification activities across both internal systems and client environments.
This is a key hire within a growing technical organisation where cybersecurity assurance, governance, and compliance are increasingly central to customer delivery and commercial growth.
Key Responsibilities
* Lead and manage Cyber Essentials and Cyber Essentials Plus (CE+) assessments and certification activities
* Maintain and improve compliance with key frameworks including ISO 27001, GDPR, and internal security policies
* Conduct internal security audits, control reviews, and risk assessments
* Support evidence collection and audit readiness across technical teams
* Work closely with IT support, DevOps, and engineering teams to ensure security controls are implemented and maintained
* Handle client-facing security questionnaires and compliance requirements
* Assist in improving the organisation's overall security posture and governance framework
Required Experience
* Experience working with Cyber Essentials and/or Cyber Essentials Plus frameworks and assessments
* Strong understanding of Cyber Essentials / Cyber Essentials Plus requirements
* Experience in information security, compliance, GRC, or IT security roles
* Familiarity with ISO 27001 or similar security frameworks
* Experience working with technical teams (MSP, software, or IT environments preferred)
Desirable
* IASME Cyber Essentials Assessor/Auditor qualification
* ISO 27001 Lead Auditor or Implementation experience
* CISSP, CISM, CISA, or equivalent certifications
* Experience within MSP, SaaS, or software delivery environments
* Exposure to client-facing compliance or consultancy work
What's on Offer
* Hybrid working (Essex-based office with flexibility)
* Opportunity to own and shape security compliance in a growing technical business
* Exposure to both internal security operations and external client compliance requirements
* Strong career progression into GRC, Security Manager, or Head of Compliance roles