Compliance Officer

Join to apply for the Compliance Officer role at Foods Connected Ltd

Foods Connected is a cloud based software platform that helps retailers and food companies across the world manage their supply chain, quality control and trading and planning management. As a team, we provide tools that help our customers manage their processes in a fast and efficient way and provide real-time visibility and reporting on what is happening in their business. At Foods Connected, we recognise that our employees are our most important asset and we value creating a great working environment to ensure our team enjoy working together and solving problems for our customers.

We’re always keen to welcome talented individuals to join our team. So if you’re driven, with a passion for developing simple software solutions, creating great user experiences, designing scalable solutions for real business challenges and ensuring customer happiness then we’re looking for you!

IS THIS SOMETHING THAT INTERESTS YOU?

What you will be doing

The Compliance Officer will take on the following responsibilities:

• Operate and evolve the ISO 27001-compliant ISMS, including risk management, internal audit scheduling, and control mapping.
• Lead evidence collection and process development in support of SOC 2 Type II readiness and eventual certification.
• Drive the organisation\’s efforts toward successful achievement of SOC 2 Type II certification in 2026, ensuring all preparatory and operational milestones are met.
• Maintain and improve internal information security policies, standards, and procedures aligned with ISO, SOC 2, and internal risk posture.
• Support internal and external audits, manage remediation actions, and track closure of findings across departments.
• Coordinate regular reviews of policies and documentation with business stakeholders.
• Conduct risk and supplier assessments to support procurement, onboarding, and ongoing vendor due diligence.
• Maintain detailed audit trails of compliance evidence using structured systems.
• Engage and support engineering, DevOps, and security teams in the implementation of compliant controls and practices (e.g., access control, change management, incident response).
• Develop, monitor, and maintain key performance indicators (KPIs) to measure and optimise the effectiveness and maturity of the ISMS over time.
• Monitor regulatory trends and translate them into practical guidance for the business.

Cross-functional Collaboration & Enablement

• Provide compliance advisory support to engineering, product, HR, operations, and finance teams as needed.
• Support the delivery of security awareness and compliance training across the business.
• Assist in customer security assessments, due diligence questionnaires, and RFP responses as required.
• Collaborate with internal stakeholders to ensure data protection and privacy practices are consistently applied.
• Recommend and implement improvements to compliance tools, workflows, and documentation processes.
• Identify automation or streamlining opportunities for recurring audit and evidence tasks.

What we are looking for

The successful candidate will demonstrate the following essential attributes:

Minimum Qualifications

• Bachelor’s degree (or equivalent practical experience) in a relevant field such as Information Security, Computer Science, Business Governance, or Risk Management.
• Proven, hands-on experience operating within an ISO 27001-certified environment is essential, including practical involvement in ISMS maintenance, audits, and continuous improvement.
• Significant experience with SOC 2 compliance is highly desirable, with a strong preference for candidates who have actively contributed to or led the implementation of SOC 2 Type II certification in a growing organisation.
• Experience working in a SaaS or cloud-native environment is strongly preferred, particularly where compliance must be aligned with technical controls, DevOps practices, and platform security.

Qualifications (preferred but not required)

• ISO 27001 Lead Implementer or Auditor
• CISA, CRISC, CISSP, or equivalent governance/audit credentials

Technical & Compliance Skills

• Strong knowledge of ISO 27001, SOC 2 Trust Services Criteria, and information security best practices.
• Familiarity with cloud-native environments (Microsoft Azure preferred) and associated security controls.
• Understanding of key control areas including access management, secure development, backup and DR, and incident response.
• Experience with policy development, risk registers, and audit trail documentation.

We are excited to consider candidates who can contribute to a compliance-first culture and help scale Foods Connected globally.