Compliance Officer in Reading

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from CHAMP Cargosystems

CHAMP Cargosystems provides the most comprehensive range of integrated IT solutions and distribution services for the air cargo transport chain. Our portfolio spans core management systems, messaging services, and eCargo solutions. These include applications designed to meet customs and security requirements, quality optimization, as well as e-freight and mobility needs. Our products and services are recognized globally under the Cargospot and Traxon brands.

We serve over 200 airlines and GSAs, connecting them with approximately 3,000 forwarders and GHAs worldwide. Our solutions help customers, and their clients, adapt to the critical and ongoing changes in air transport logistics and meet the demands of global trade.

Headquartered in Luxembourg, CHAMP Cargosystems operates offices in Reading, Zurich, Frankfurt, Manila, Singapore, and Atlanta.

Overview

We are looking for a Compliance Officer to join our Security & GRC team. The role will be reporting to the Chief Information Security Officer. Location: Reading, UK.

Responsibilities

We are seeking a highly skilled Compliance Officer to lead our compliance monitoring, reporting, and certification efforts across multiple regulatory frameworks and industry standards. This role will ensure our organization maintains alignment with evolving regulations (e.g., NIS2, EU Data Act, EU AI Act…) and standards (ISO27001, ISO42000, ISO22301, SOC1, SOC2). The Compliance Officer will leverage ServiceNow GRC to map policy statements, define control objectives, track compliance status, and manage non-conformities. This position is both strategic (monitoring regulations, maintaining certifications) and operational (hands‑on ServiceNow GRC work, facing auditors).

Regulatory & Standards Monitoring

• Analyze and interpret requirements from NIS2, EU Data Act, EU AI Act, and other applicable regulations.
• Maintain awareness of updates to ISO standards (ISO27001, ISO42000, ISO22301) and ensure organizational compliance.

Governance & Policy Management

• Map policy statements and controls in ServiceNow GRC to the regulatory and standards authority documents.
• Create and refine controls and control objectives where gaps exist.
• Continuously improve internal policies and procedures to align with best practices.

Certification & Audit Readiness

• Maintain certifications such as ISO27001 and prepare reports for SOC1 and SOC2.
• Act as the primary point of contact for external auditors, demonstrating compliance posture and evidence.
• Manage remediation of non‑compliance and non‑conformities.

Compliance Reporting & Metrics

• Generate compliance dashboards and reports in ServiceNow to provide real‑time visibility into compliance status.
• Present compliance metrics and risk assessments to senior management.
• Work closely with IT, Security, Legal, Product Development, Project Management and Risk teams to ensure integrated compliance efforts.
• Provide guidance and training to staff on compliance requirements and best practices.

Knowledge, Skills and Abilities

• Proven experience in compliance, cybersecurity governance, or risk management.
• Strong knowledge of regulatory frameworks: NIS2, EU Data Act, EU AI Act.
• Industry standards: ISO27001, ISO42000, ISO22301.
• Audit frameworks: SOC1, SOC2.
• Hands‑on experience with ServiceNow GRC (policy mapping, control objectives, compliance reporting).
• Excellent communication skills with the ability to face auditors and senior stakeholders confidently.
• Analytical mindset with strong problem‑solving skills.

Education and Experience

• Bachelor’s or Master’s degree in Information Security, Law, Risk Management, or related field.
• 7-10 years of experience expected.
• Professional certifications such as CISA, CISM, ISO27001 Lead Auditor/Implementer, or CRISC.
• Experience in multinational compliance environments.
• Familiarity with cloud compliance frameworks (e.g., CSA STAR, ISO/IEC 27017 & 27018, SOC2 for SaaS provider).

The selected candidate may be subject to the provision of an up‑to‑date (not older than 3 months) criminal record certificate.

Security: the successful candidate will have to comply with CHAMP Security Requirements (including but not limited to CHAMP’s IT Security Policies, especially the ISMS Policy and the Acceptable Use Policy, mandatory courses, confidentiality and data protection, use of company assets, and incident reporting).

CHAMP Cargosystems is an equal opportunity employer and prohibits discrimination and harassment of any kind. We are committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions are based on business needs, job requirements and individual qualifications, without regard to race, ethnic background, religion or belief, family or parental status, or any other status protected by the laws or regulations in the locations where we operate.

Please note that any personal data that you submit along with your application will be processed by CHAMP and may be processed by any of its global entities as necessary. These data will be treated in strict compliance with the applicable data protection legislation (i.e. the Law of 2 August 2002 on the protection of individuals with regard to the processing of personal data, as amended, and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, – the GDPR -, which entered into force on 25 May 2018, as well as any other subsequent regulation). Please follow the link to CHAMP Candidates Privacy Notice for further information.