Compliance Manager (Information Security)

Join an experienced Compliance department to assist with Thrive’s corporate compliance requirements and initiatives. This position requires experience with UK and EU data privacy requirements, and with preparing for and leading ISO and Cyber Essentials / Cyber Essentials Plus audits. This position will serve as the local point of contact for the compliance team and manage compliance responsibilities in-region which include responding to due diligence requests, developing and maintaining policies and procedures, and participating in risk identification and management exercises.

• Prepare for and manage (including interfacing with auditors) the organization’s ongoing ISO 27001, 9001, and 14001 certification initiatives.
• Prepare for and manage the organization’s Cyber Essentials and Cyber Essentials Plus audit engagements.
• Work with the wider Compliance team to develop and maintain policies and procedures and conduct internal training on compliance requirements.
• Complete due diligence questionnaires in a timely manner as requested by clients and sales / account management representatives.
• Assist with evaluating new acquisitions to determine if there are any new compliance requirements or challenges to existing requirements.
• Remain abreast of the current IT Compliance and Cyber regulatory environment to inform the business of any missing requirements.

• 3-5 years of experience with ISO 27001 and Cyber Essentials / Cyber Essentials Plus audits (ISO 9001 and 14001 a plus).
• Bachelors (or equivalent) degree in computer science, cybersecurity, or a related technical field.
• Relevant industry certification(s) including CISSP, CISA, CISM, CCISO, etc.
• Strong written and verbal communication skills.
• Strong interpersonal skills.
• Strong organisational skills and attention to detail.