Compliance Officer 12 Month FTC in Antrim

Foods Connected is an award-winning cloud-based software platform that helps retailers and food companies across the world manage their supply chain, quality control, and trading and planning management. Our software solutions are currently utilised by 10 of the largest food retailers in the world. We provide tools that help our customers manage their processes in a fast and efficient way and provide real-time visibility and reporting on what is happening in their business.

We recognise that our employees are our most important asset and we value creating a great working environment to ensure our team enjoy coming into the office every day working together and solving problems for our customers. Whether we are in the middle of a fast and intense development sprint, on a Teams call discussing our project statuses or enjoying a game of ping-pong or pool in the office, it is important to us that our employees are happy and delivering the best possible result for our customers.

This is a 12-month Fixed Term Contract and the role has been designed as an evolution of our existing Compliance Officer position, reflecting Foods Connected's current compliance maturity and near-term transition needs. In the first phase of the role, the Compliance Officer will work closely alongside our current Lead Compliance Officer in a structured shadowing and collaboration model, gaining deep familiarity with Foods Connected's Information Security Management System (ISMS), ongoing ISO 27001 certification obligations, and the active programme of work toward SOC 2 Type II certification. Upon the Lead Compliance Officer commencing maternity leave, the Compliance Officer will transition to working independently, taking full ownership of compliance operations and reporting directly to the Head of IT Security & Compliance.

Throughout both phases, the role requires a strong understanding of technical controls, policy governance, and the realities of operating in a modern SaaS environment. During the initial collaborative period, the focus will be on knowledge transfer, relationship building, and active contribution to ongoing compliance workstreams. In the independent phase, the postholder will take full responsibility for maintaining ISO 27001 certification and driving SOC 2 Type II readiness to successful completion - ensuring continuity, momentum, and rigour across all compliance activity.

The ideal candidate will be based in Derry or Belfast to support closer collaboration with the team. While remote work is possible, a preference will be given to individuals who can work closely with colleagues in person, particularly during key delivery phases or audit cycles.

Responsibilities

• Compliance & Framework Governance - 75%
  • Operate and evolve the ISO 27001-compliant ISMS, including risk management, internal audit scheduling, and control mapping.
  • Lead evidence collection and process development in support of SOC 2 Type II readiness and eventual certification.
  • Drive Foods Connected's efforts toward successful achievement of SOC 2 Type II certification in 2026, ensuring all preparatory and operational milestones are met.
  • Maintain and improve internal information security policies, standards, and procedures aligned with ISO, SOC 2, and internal risk posture.
  • Support internal and external audits, manage remediation actions, and track closure of findings across departments.
  • Coordinate regular reviews of policies and documentation with business stakeholders.
  • Conduct risk and supplier assessments to support procurement, onboarding, and ongoing vendor due diligence.
  • Own and maintain Foods Connected's AI governance framework, ensuring emerging regulatory obligations are understood and acted on.
  • Maintain the risk register and issue tracking, ensuring risks are assessed, owned, and remediated in line with FC's risk management framework.
  • Own and facilitate the ISMS quarterly meeting and quarterly risk review cycle, including ELT compliance reporting.
  • Maintain detailed audit trails of compliance evidence using structured systems.
  • Engage and support engineering, DevOps, and security teams in the implementation of compliant controls and practices (e.g., access control, change management, incident response).
  • Develop, monitor, and maintain key performance indicators (KPIs) to measure and optimise the effectiveness and maturity of the ISMS over time.
  • Monitor regulatory trends and translate them into practical guidance for the business.
• Cross-functional Collaboration & Enablement - 20%
  • Provide compliance advisory support to engineering, product, HR, operations, and finance teams as needed.
  • Support the delivery of security awareness and compliance training across the business.
  • Assist in customer security assessments, due diligence questionnaires, and RFP responses as required.
  • Collaborate with internal stakeholders to ensure data protection and privacy practices are consistently applied.
  • Manage customer security commitments and contractual obligations.
• Continuous Improvement - 5%
  • Recommend and implement improvements to compliance tools, workflows, and documentation processes.
  • Identify automation or streamlining opportunities for recurring audit and evidence tasks.

Experience and Qualifications

To perform this job successfully, the Compliance Officer should have experience with:

• Minimum Qualifications
  • Bachelor's degree (or equivalent practical experience) in a relevant field such as Information Security, Computer Science, Business Governance, or Risk Management.
  • Proven, hands-on experience operating within an ISO 27001-certified environment is essential, including practical involvement in ISMS maintenance, audits, and continuous improvement.
  • Significant experience with SOC 2 compliance is highly desirable, with a strong preference for candidates who have actively contributed to or led the implementation of SOC 2 Type II certification in a growing organisation.
  • Experience working in a SaaS or cloud-native environment is strongly preferred, particularly where compliance must be aligned with technical controls, DevOps practices, and platform security.
  • ISO 27001 Lead Implementer or Auditor.
  • CISA, CRISC, CISSP, or equivalent governance/audit credentials.
• Technical & Compliance Skills
  • Strong knowledge of ISO 27001, SOC 2 Trust Services Criteria, and information security best practices.
  • Experience with GRC tooling (e.g. Vanta, Drata, or equivalent) for evidence collection, control tracking, and audit/risk management.
  • Knowledge of data protection and privacy legislation (GDPR / UK GDPR) and its application in a SaaS environment (preferred).
  • Familiarity with cloud-native environments (Microsoft Azure preferred) and associated security controls.
  • Understanding of key control areas including access management, secure development, backup and DR, and incident response.
  • Experience with policy development, risk registers, and audit trail documentation.

Benefits

• Competitive Base Salary
• Generous Holiday Package - 25 Days + 10 Public Holidays
• Private Medical, Dental & Vision
• Employee Wellness Program and Classes
• Flexible model of hybrid working