Compliance & Security Manager (GRC)

Permanent

Remote (UK-based)

ISO 27001 Lead Implementer or Lead Auditor certification — essential

 

An opportunity to take real ownership of security and compliance at a fast-growing tech company. Our client, a leading software business with an ambitious global growth trajectory, is looking for a Security & Compliance / GRC Manager to become the go-to expert across information security, data protection and regulatory compliance.

This isn't a tick-box compliance role. You'll shape how the business protects its customers' data, navigates complex commercial negotiations, and scales its compliance programme as it enters new markets and meets new regulatory demands.

 

What the successful Security & Compliance Analyst will do:

• Own and maintain security and compliance documentation including policies, procedures, and support materials across information security and compliance programmes
• Take full ownership of ISO 27001 certification — driving continuous improvement and leading preparation for internal and external audits
• Manage the internal Data Protection compliance programme, ensuring adherence to UK GDPR, EU GDPR, CCPA and other applicable global regulations
• Partner with commercial teams to navigate complex security and compliance negotiations, removing deal blockers and standardising processes
• Own third-party supplier risk management, identifying and mitigating vendor risk across the supply chain
• Contribute to the implementation of additional frameworks and standards such as NIST, FedRAMP and others as the business scales internationally
• Identify opportunities to streamline onboarding, security reviews and compliance workflows through smarter documentation and process design

 

What we are looking for in the successful Security & Compliance Analyst:

• Proven experience in a GRC or info-sec role within a technology company
• ISO 27001 Lead Implementer or Lead Auditor certification — essential
• In-depth, hands-on knowledge of ISO 27001 implementation and ongoing certification management
• A strong track record of managing global data protection compliance including GDPR and CCPA
• Familiarity with general compliance obligations such as Modern Slavery, AML and Anti-Bribery
• Understanding of AWS cloud infrastructure and application security principles
• A technical mindset with the ability to thrive in a fast-moving, ever-evolving environment
• Excellent communication skills and a genuine passion for delivering a great customer experience

 

Great to have:

• Degree in Computer Science, Information Security, Cybersecurity, Data Protection, Information Governance or Risk
• Recognised qualifications such as CISSP or CompTIA Security+
• Exposure to frameworks including NIST, HIPAA, FedRAMP or DORA
• Knowledge of DevOps or DevSecOps practices
• Prior experience of a scale-up or growth-stage SaaS company

 

**Please note**

• Due to the security clearance requirements for this role, applicants must be eligible for [SC/DV] clearance. Eligibility criteria mean that candidates must have been a UK resident for a minimum of 5 years and hold the right to work in the UK.

 

Rewards & Benefits:

• Remote-first role with flexibility across the UK
• Long Term Incentive scheme eligibility
• Personal development budget of c£1.5k per year for courses and certifications
• Top-spec hardware provided
• BUPA healthcare, life insurance and critical illness cover
• Discounted gym membership & broader range of health and wellbeing benefits

 

Keywords: Security & Compliance Manager, GRC Manager ,Security & Compliance Analyst, GRC Analyst, Information Security Analyst, ISO 27001, Data Protection, GDPR, CCPA, UK GDPR, EU GDPR, GRC, Risk & Compliance, Third Party Risk, Supplier Risk, FedRAMP, NIST, HIPAA, DORA, AWS, Cloud Security, DevOps, Application Security, DevSecOps, Compliance Manager, Data Protection Officer, Privacy, Cybersecurity, Information Governance

Cryptography Engineer
Permanent
Northwich, Macclesfield, Knutsford, Wilmslow

Join our clients specialist team, safeguarding critical infrastructure through advanced cryptographic solutions. As a Cryptography Engineer, you’ll design, implement, and manage secure encryption frameworks that protect sensitive data and ensure compliance with industry standards. This is a hands-on role where you’ll collaborate with cross-functional teams to embed Zero Trust principles and maintain robust security across systems and networks.

What the successful Cryptography Engineer will do:
• Design and maintain secure cryptographic systems, including SSH-based frameworks and PKI solutions.
• Configure, administer, and maintain HSM devices, including secure onsite activities and lifecycle management.

• Implement key management processes and encryption standards aligned with regulatory and internal security policies.
• Collaborate with system, network, and security teams to integrate secure connectivity and harden critical infrastructure.
• Support Zero Trust architecture initiatives and manage secure tunnelling protocols.
• Participate in 24/7 on-call rotation to resolve urgent cryptographic or access-related incidents and maintain service continuity.
• Drive automation and monitoring enhancements to improve resilience and efficiency.

What we are looking for in the successful Cryptography Engineer:
• Strong expertise in cryptography, PKI, and SSH key management.

• Current, hands‑on expertise in HSM configuration, installation, support, and secure component handling.
• Solid understanding of Unix/Linux/Windows system administration.
• Experience with networking and security troubleshooting.
• Advances scripting skills in Python or Go for automation and integration tasks.
• Familiarity with financial security standards such as ISO 27001, NIST, and FIPS 140-3.
• A proactive, analytical mindset with the ability to assess risk and implement secure solutions.

Rewards & Benefits
• Competitive salary and performance-based bonus.
• Comprehensive pension and health benefits.
• Flexible working arrangements with opportunities for career progression.
• Access to continuous learning, certifications, and technical development programs.

Keywords
Cryptography Engineer, Cryptography Specialist, Encryption Engineer, PKI Engineer, Security Engineer, HSM, Hardware Security Modules, PKI, SSH, Encryption, Key Management, Zero Trust, Security, Python, Go, Golang, ISO 27001, NIST, FIPS 140-3, Zero Trust principles, SSH tunnelling, Hardening systems