Current roles
Senior Compliance Lead
This is not a compliance role for someone who wants to sit behind a desk. It's for someone who wants to use compliance as a lever to win deals, accelerate customers, and shape an industry narrative.
Help us scale smarter, faster, and with purpose
Since 2005, we’ve helped organisations achieve their goals through simple, sustainable, and scalable information security. What started as a solution to help UK police forces share sensitive data securely has grown into a global SaaS platform — IO — trusted by thousands of businesses worldwide.
We’re growing fast. Backed by private equity investment and with customers across the UK, Europe, the US, and APAC, we’re expanding our team and doubling down on our mission: to set the standard for information security management and deliver compliance confidence through our exceptional people, process, and platform.
That’s where you come in.
About the role
IO helps organisations in regulated markets build resilience, prove trust, and expand faster. We believe governance done well is a competitive advantage, and we need someone to prove it from the inside out.
This is not a compliance role for someone who wants to sit behind a desk. It’s for someone who wants to use compliance as a lever to win deals, accelerate customers, and shape an industry narrative.
You will own IO’s internal compliance programme, but that’s the foundation, not the job. Every certification we hold, every control we implement, every process we streamline gets turned outward into sales conversations, customer blueprints, and partner playbooks. When a prospect asks “does this actually work?”, you’re part of the answer.
You will be visible: in the market, at events, in customer conversations, and in the compliance community. A practitioner who runs a real programme on the platform every day, not someone reading from a slide deck.
You will report to the Chief Product Officer because what you learn in the field shapes what we build, and your experience defines what “good” looks like for the 65,000+ users who rely on IO to do the same.
The role is based in the UK and applicants will require independent right to live and work in the UK.
What you’ll be doing
Build and Own the Reference Implementation
- Own IO’s compliance posture across ISO 27001, ISO 27701, ISO 42001, Cyber Essentials, and actively pursue certifications aligned to the platform roadmap so IO can credibly say “we did it first.”
- Build a living, breathing reference implementation of our Resilience Loop – covering Info Sec, Privacy and AI governance. A living model of how to run a multi-framework compliance programme using the IO platform. With measurable outcomes that can be shown to prospects, customers, and partners.
- Lead internal and external audit cycles. Maintain the risk register, statement of applicability, and all supporting documentation as current, meaningful artefacts, not shelf-ware.
Drive Customer Health and Partner Scale
- Collaborate with Customer Success and Professional Services to define healthy deployment patterns grounded in how IO uses our own platform.
- Translate internal workflows into proven methods to reduce the time to implementation for customers.
- Feed operational learnings back into the customer journey and the product — if a process is hard for IO, it’s hard for customers too.
Shape the Product and Embed Governance
- Be the platform’s most knowledgeable internal user, providing structured product feedback grounded in real compliance operations. This role sits within the Product team for good reason.
- Redesign internal processes to be lighter, faster, and easier to follow, embedding compliance into everyday workflows across every function.
- Act as a trusted adviser to senior leadership on governance, risk, and compliance matters.
Be a Visible Voice for Modern Governance
- Build a recognised presence through LinkedIn, conferences, podcasts, joining IO’s thought leadership programme including acting as a spokesperson for our annual State of Information Security Report.
- Deliver engaging internal awareness sessions and training that shift the internal narrative so compliance is seen as something that makes IO stronger.
- Represent IO externally as a practitioner who uses the product every day.
- Stay ahead of emerging standards, regulatory shifts, industry best practice, and bring that intelligence back into the business.
What you bring
Must-haves
- Significant experience managing multi-framework compliance programmes including ISO 27001 and at least one of: ISO 27701, ISO 42001, SOC 2, Cyber Essentials, NIS2 or DORA.
- A track record of simplifying compliance and making governance accessible to non-specialist teams.
- Experience in SaaS or technology companies, ideally product led.
- The ability to translate compliance outcomes into commercial value across Sales, Customer Success, or Partnerships.
- Confidence communicating governance to any audience and a working knowledge of the UK and EU regulatory landscape relevant to IO’s customers including NIS 2, DORA, and the EU AI Act.
Nice to haves
- Experience building a reference implementation, centre of excellence, or internal best-practice function.
- Hands-on experience with GRC platforms and an existing professional profile in the governance community.
- Lead Auditor or Lead Implementer certification, or experience creating playbooks and enablement materials for partners.
Why you’ll love it here
- A fast-paced, growing business where you can move quickly and make a real difference.
- A team that values collaboration, ownership, and smart experimentation.
- A product that solves meaningful problems and gets real results for customers.
- A supportive environment where you’ll be trusted to lead and encouraged to grow.
This is a standout opportunity for someone who wants to take ownership, build at pace, and play a key role in scaling a SaaS business with a purpose. Sound like you? Let’s talk.
