IT Governance and Compliance Analyst

Are you ready to transform the insurance industry?

Policy Expert is a forward-thinking business that loves to get things done. Leveraging proprietary technology and smart data, we offer reliable products and a wow customer experience.

Having achieved rapid growth since being founded in 2011, we've won over 1.5 million customers in Home, Motor and Pet insurance and have been ranked the UK's No.1-rated home insurer by Review Centre since 2013.

Hear from our team about what it's like working at Policy Expert

• Policy Expert is growing fast, and regulated environments have an annoying habit of caring very deeply about how things are governed, accessed, audited, and documented. This role exists to make sure our technology controls are solid, our compliance story holds up under scrutiny, and audits do not descend into chaos.

If you enjoy order, clarity, and knowing exactly who has access to what (and why), you'll fit right in.

• Maintaining and improving IT governance frameworks, policies, and standards in line with data protection legislation and recognised best practice such as ISO 27001 and Cyber Essentials Plus
• Supporting internal and external audits by completing control testing, running access reviews, and producing clear, accurate evidence
• Performing regular user access audits across systems, including privileged and third-party access
• Supporting Subject Access Requests and other data rights requests alongside the Data Protection Officer, People Experience, and Complaints teams
• Carrying out data discovery, classification, retention, and eDiscovery activities using Microsoft 365 Purview and related compliance tools
• Working closely with Infrastructure, Security, Risk & Compliance, and wider business teams to embed governance into everyday technical operations

You're methodical, trusted with sensitive information, and comfortable operating across both technical and non-technical teams. You care about doing things properly, but you also understand proportional risk and real-world constraints.

We're looking for experience in:

• IT governance, IT audit, information governance, or technical compliance within a regulated environment
• Access controls, audit processes, and IT policy frameworks
• Microsoft 365 compliance tooling, including Purview eDiscovery, Audit, Information Governance, and DLP
• Performing structured and unstructured data searches across email archives, file shares, and collaboration platforms
• Producing clear documentation, reports, and audit evidence
• Communicating technical detail clearly to non-technical stakeholders

• A role with real ownership and visibility across the business
• The chance to shape and mature governance in a growing technology environment
• A collaborative, inclusive culture that genuinely values its people
• Competitive benefits and support, with full details shared during the recruitment process

• This role will be based in our London or Milton Keynes office in a 50/50 Hybrid mode.
• We match your pension contributions up to 7%
• Private medical & Dental cover
• Learning budget of £1,000 a year + Study leave (with encouragement to use it)
• Enhanced maternity & paternity
• Travel season ticket loan
• Access to a wide selection of London O2 events and use of a Private Lounge
• Employee Wellbeing Programme
• Prayer room in Office

We pride ourselves on being an equal opportunity employer. We treat all applications equally and recruit based solely on an individual's skills, knowledge, and experience. The quality and growing diversity of our team is a testament to this commitment

At Policy Expert, we are committed to fostering an inclusive and supportive environment for all candidates. If you require any reasonable adjustments during the interview process to accommodate your needs, please do not hesitate to let us know. We are dedicated to ensuring every candidate has an equal opportunity to succeed and will work with you to provide the necessary support.

We aim to be in touch within 14 working days of your application - you will be notified if successful or unsuccessful. Please be encouraged to apply even if you do not meet all the requirements.