At a Glance
- Tasks: Strengthen security governance and ensure audit readiness through compliance processes.
- Company: Join a forward-thinking tech company making headlines in innovation.
- Benefits: Competitive salary, hybrid work model, and opportunities for professional growth.
- Why this job: Make a real impact on security practices while collaborating with diverse teams.
- Qualifications: Experience in security compliance and knowledge of frameworks like ISO and NIST.
- Other info: Dynamic environment with a focus on continuous improvement and automation.
The predicted salary is between £48,000 and £84,000 per year.
Company Overview
One of the UK's most forward‑thinking technology companies, recognised for its innovative approach and regularly making headlines across the public domain.
About the Role
We are seeking a Security Governance & Compliance Analyst to strengthen the organisation's security governance capabilities and ensure ongoing audit readiness. This role involves building structured, scalable compliance processes, supporting external certifications, and enhancing the organisation's overall security maturity. Working closely with teams across Security, Engineering, Legal, and Procurement, you'll help interpret complex standards, streamline assurance activities, and embed secure‑by‑design practices across the business.
Core Areas of Responsibility
- Assurance Activities & Evidence Stewardship - Perform routine assurance checks across key security domains including IAM, secure configuration baselines, data protection controls, vulnerability management, and logging/monitoring. Maintain well‑structured, audit‑ready evidence repositories for internal reviews and external assessments. Track findings, control exceptions, and remediation activities through to completion. Escalate material risks or recurring control gaps to senior security stakeholders.
- Governance of Compliance Standards & Frameworks - Support compliance activities across frameworks such as ISO/IEC 27001:2022, SOC 2 Type II, and CMMC‑aligned requirements. Help coordinate internal and external audits, including evidence preparation, walkthroughs, sampling, and remediation validation. Contribute to a continuous monitoring model rather than point‑in‑time audit preparation. Support the creation, review, and maintenance of policies, standards, and procedures.
- Supplier & Partner Assurance - Operate a risk‑based supplier assurance framework to evaluate vendor compliance across cloud security, data handling, resilience, and access governance. Review supplier questionnaires and documentation; identify risks and recommend mitigation. Provide compliance sign‑off during procurement and onboarding cycles. Work with Legal and Procurement to ensure contractual and regulatory obligations are addressed.
- Process Engineering, Scalability & Continuous Improvement - Design and refine scalable governance and compliance workflows that support business growth. Identify opportunities for automation using GRC platforms and workflow tooling. Maintain and update the enterprise risk register. Support internal training and awareness programmes.
What You'll Bring
- Experience in security compliance, IT audit, cyber governance, or GRC-related roles.
- Knowledge of frameworks such as ISO/IEC 27001:2022, SOC 2, NIST standards.
- Strong understanding of cloud-security principles including IAM, encryption, monitoring, logging, configuration hardening, and shared responsibility models.
- Ability to translate regulatory and control requirements into clear business processes.
- Excellent communication skills.
- Strong organisational and documentation skills.
Relevant Qualifications
- ISO 27001 Internal Auditor, Lead Implementer, or Lead Auditor.
- NIST CSF Practitioner or NIST SP 800‑171/CMMC‑related certifications.
- CompTIA Security+ or CySA+.
- (ISC)² CC, SSCP, or CISSP.
- CISM or CRISC.
- CISA.
- AWS Security Specialty, Azure Security Engineer, or Google Cloud Security Engineer.
Nice to Have
- Experience in cloud-native, SaaS, or high-growth tech environments.
- Familiarity with NIST SP 800‑171, NIST CSF, or CMMC frameworks.
- Understanding of risk methodologies (ISO 31000, FAIR, NIST RMF).
- Experience with GRC platforms such as Drata, Vanta, Secureframe, Hyperproof, or Tugboat Logic.
- Experience with AWS security tools including GuardDuty, CloudTrail, KMS, Config, Security Hub.
About Adecco
Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this position.
Keywords: Zero Trust, RBAC, MFA, IAM governance, CSPM, SIEM, SOAR, AWS Config, CloudTrail, GuardDuty, cloud security posture, encryption at rest, encryption in transit, vulnerability scanning, patch management, data classification, DevSecOps, secure SDLC, evidence automation, continuous compliance, threat modelling, risk scoring, audit readiness, SOC 2 Trust Services Criteria, ISO 27001 Annex A controls.
Security Governance & Compliance Analyst - NIST, ISO in Cambridge. Employer: Adecco
Contact Detail:
Adecco Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Security Governance & Compliance Analyst - NIST, ISO in Cambridge
✨Tip Number 1
Network like a pro! Attend industry events, webinars, or local meetups related to security governance and compliance. It's a great way to meet people in the field and get your name out there.
✨Tip Number 2
Don’t just apply; engage! When you find a role that excites you, reach out to current employees on LinkedIn. Ask them about their experiences and what they love about the company. This can give you insider info and make your application stand out.
✨Tip Number 3
Prepare for interviews by brushing up on key frameworks like ISO/IEC 27001 and NIST standards. Be ready to discuss how you've applied these in past roles. Show them you know your stuff!
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who take the initiative to connect directly with us.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the role of Security Governance & Compliance Analyst. Highlight your experience with frameworks like ISO/IEC 27001 and NIST, and showcase any relevant certifications you have. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about security governance and compliance. Share specific examples of how you've contributed to similar roles in the past. Remember, we love a good story that shows your personality!
Showcase Your Communication Skills: As a Security Governance & Compliance Analyst, you'll need to communicate complex standards clearly. In your application, demonstrate your ability to translate technical jargon into understandable language. We appreciate candidates who can bridge the gap between tech and business!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it gives you a chance to explore more about our company culture and values!
How to prepare for a job interview at Adecco
✨Know Your Frameworks
Make sure you brush up on the key compliance frameworks mentioned in the job description, like ISO/IEC 27001:2022 and NIST standards. Being able to discuss these frameworks confidently will show that you understand the role's requirements and can hit the ground running.
✨Prepare for Assurance Activities
Familiarise yourself with assurance activities and evidence stewardship. Think of examples from your past experience where you've performed routine checks or maintained audit-ready evidence. This will help you demonstrate your practical knowledge during the interview.
✨Showcase Your Communication Skills
Since this role involves working closely with various teams, be ready to highlight your communication skills. Prepare examples of how you've effectively communicated complex security concepts to non-technical stakeholders, as this will be crucial in your potential new role.
✨Think Process Improvement
The job requires designing scalable governance workflows, so come prepared with ideas on how you would approach process engineering. Discuss any previous experiences where you've identified opportunities for automation or continuous improvement, as this will align well with the company's goals.