Compliance Officer

A LITTLE INFORMATION ABOUT US!

Foods Connected is a cloud based software platform that helps retailers and food companies across the world manage their supply chain, quality control and trading and planning management. As a team, we provide tools that help our customers manage their processes in a fast and efficient way and provide real‑time visibility and reporting on what is happening in their business. At Foods Connected, we recognise that our employees are our most important asset and we value creating a great working environment to ensure our team enjoy working together and solving problems for our customers. Whether we are in the middle of a fast and intense development sprint, on a Teams call discussing our project statuses or enjoying a game of ping‑pong or pool in the office, it is important to us that our employees are happy and delivering the best possible result for our customers.

We\’re always keen to welcome talented individuals to join our team. So if you\’re driven, with a passion for developing simple software solutions, creating great user experiences, designing scalable solutions for real business challenges and ensuring customer happiness then we\’re looking for you!

IS THIS SOMETHING THAT INTERESTS YOU?

As a senior member of the Engineering team, the Compliance Officer will lead the ongoing development and operationalisation of Foods Connected\’s compliance frameworks, including ISO 27001 and SOC 2. You will ensure our Information Security Management System (ISMS) remains robust, audit‑ready, and aligned with industry standards as we continue to scale our SaaS offering globally.

Working closely with security, engineering, and business stakeholders, you will help foster a compliance‑first culture and embed regulatory best practices into our internal processes. This is a hands‑on, highly collaborative role requiring a strong understanding of technical controls, policy governance, and the realities of operating in a modern SaaS environment.

The ideal candidate will be based in Derry or Belfast to support closer collaboration with the team. While remote work is possible, a preference will be given to individuals who can work closely with colleagues in person, particularly during key delivery phases or audit cycles.

What you will be doing

Compliance & Framework Governance – 75%

• Operate and evolve the ISO 27001‑compliant ISMS, including risk management, internal audit scheduling, and control mapping.
• Lead evidence collection and process development in support of SOC 2 Type II readiness and eventual certification.
• Drive the organisation\’s efforts toward successful achievement of SOC 2 Type II certification in 2026, ensuring all preparatory and operational milestones are met.
• Maintain and improve internal information security policies, standards, and procedures aligned with ISO, SOC 2, and internal risk posture.
• Support internal and external audits, manage remediation actions, and track closure of findings across departments.
• Coordinate regular reviews of policies and documentation with business stakeholders.
• Conduct risk and supplier assessments to support procurement, onboarding, and ongoing vendor due diligence.
• Maintain detailed audit trails of compliance evidence using structured systems.
• Engage and support engineering, DevOps, and security teams in the implementation of compliant controls and practices (e.g., access control, change management, incident response).
• Develop, monitor, and maintain key performance indicators (KPIs) to measure and optimise the effectiveness and maturity of the ISMS over time.
• Monitor regulatory trends and translate them into practical guidance for the business.

Cross‑functional Collaboration & Enablement – 20%

• Provide compliance advisory support to engineering, product, HR, operations, and finance teams as needed.
• Support the delivery of security awareness and compliance training across the business.
• Assist in customer security assessments, due diligence questionnaires, and RFP responses as required.
• Collaborate with internal stakeholders to ensure data protection and privacy practices are consistently applied.

Continuous Improvement – 5%

• Recommend and implement improvements to compliance tools, workflows, and documentation processes.
• Identify automation or streamlining opportunities for recurring audit and evidence tasks.

What we are looking for

Minimum Qualifications

• Bachelor\’s degree (or equivalent practical experience) in a relevant field such as Information Security, Computer Science, Business Governance, or Risk Management.
• Proven, hands‑on experience operating within an ISO 27001‑certified environment is essential, including practical involvement in ISMS maintenance, audits, and continuous improvement.
• Significant experience with SOC 2 compliance is highly desirable, with a strong preference for candidates who have actively contributed to or led the implementation of SOC 2 Type II certification in a growing organisation.
• Experience working in a SaaS or cloud‑native environment is strongly preferred, particularly where compliance must be aligned with technical controls, DevOps practices, and platform security.

Qualifications (preferred but not required)

• ISO 27001 Lead Implementer or Auditor
• CISA, CRISC, CISSP, or equivalent governance/audit credentials

Technical & Compliance Skills

• Strong knowledge of ISO 27001, SOC 2 Trust Services Criteria, and information security best practices.
• Familiarity with cloud‑native environments (Microsoft Azure preferred) and associated security controls.
• Understanding of key control areas including access management, secure development, backup and DR, and incident response.
• Experience with policy development, risk registers, and audit trail documentation.

Benefits:

• Competitive Base Salary
• Clear Career Progression
• Generous Holiday Package – 25 Days + 10 Public Holidays
• Secure Company Hardware
• Employee Wellness Program and Classes