At a Glance
- Tasks: Lead security compliance programs and manage audit readiness across the organisation.
- Company: Join Cayenta, a dynamic division of Harris, focused on innovation in public sector software.
- Benefits: Enjoy 3 weeks vacation, comprehensive health benefits, and remote work flexibility.
- Other info: Work autonomously in a collaborative environment with excellent career growth opportunities.
- Why this job: Make a real impact by enhancing security frameworks and reducing customer risk.
- Qualifications: 5+ years in information security compliance with hands-on SOC 2 Type II experience.
The predicted salary is between 95000 - 100000 £ per year.
Cayenta, a division of Harris, is seeking a Security Governance & Compliance Specialist who will lead the design, implementation, and ongoing oversight of the organization's compliance frameworks. This role involves providing security controls across our product and cloud environments, reducing customer risk, improving audit outcomes, and strengthening resilience through measurable, automated governance. This is a senior individual contributor role with broad influence across all teams, including Legal. This remote role welcomes candidates anywhere in Canada. Preference will be given to candidates who can work in the PST time zone.
Key Responsibilities
- Identify, assess, and support the management of information security risks across the organization.
- Own and manage the organization's security compliance programs, including SOC 2 Type II, ISO 27001, ISO 42001, and other relevant frameworks.
- Own audit readiness end-to-end: gap assessments, control mapping, auditor coordination, walkthroughs, and remediation follow-up.
- Turn framework requirements into clear, actionable, and lightweight controls that teams can operate without slowing delivery.
- Drive evidence collection automation in partnership with Engineering; the goal is evidence-by-default.
- Maintain scope, context, governance artifacts, and Statement of Applicability.
- Run internal audits, manage CAPAs, and sustain certification readiness.
- Evaluate control design and operating effectiveness; identify gaps and drive actionable remediation.
- Maintain the AIMS: AI use-case inventory, impact assessments, and human oversight controls.
- Collaborate with AI-Ops on model documentation (model cards), bias/fairness testing, explainability, drift monitoring, and adversarial robustness controls.
- Produce compliance dashboards and KPI reporting for leadership and customers.
- Evaluate control design and operating effectiveness against internal policies/standards and external frameworks; identify control gaps and actionable recommendations.
- Operationalize and sustain the ISMS (ISO/IEC 27001) and AIMS (ISO/IEC 42001), including scope, context, governance, and required.
- Lead third-party/vendor risk management: due diligence, review of security documentation, contract/control requirements, and tracking vendor remediation and data-protection alignment.
- Evaluate residual risk and support risk acceptance decisions with documented rationale.
- Collaborate with the AI-Ops team in building and maintaining AI-Governance.
- Manage the responsible AI policy lifecycle alongside the AI Ops team.
- Work with Engineering in automating the collection of evidence and control testing, internal audits, managing CAPAs, and maintaining continuous audit readiness.
- Partner with Engineering, Product, and Legal to bake controls into the SDLC.
- Translate framework requirements into plain-language controls that engineers can operate without slowing delivery.
- Collaborate with the Security team in identifying, evaluating and acting on vulnerabilities reported by our monitoring systems and/or external channels.
- Produce compliance reporting and dashboards. Define and track security & compliance KPIs, and lead management reviews to ensure a healthy compliance posture for stakeholders.
- Drive continuous improvement of risk and control maturity based on trends, audit results, and business impact.
What We Are Looking For
- 5+ years in information security compliance, risk management, or audit, with hands-on SOC 2 Type II experience as the primary requirement.
- Deep working knowledge of SOC 2 Trust Services Criteria and practical audit mechanics.
- Experience operationalizing ISO 27001, maintaining an ISMS, managing CAPAs, and sustaining certification.
- Ability to assess control design and operating effectiveness, identify gaps, and drive remediation without authority over the teams implementing fixes.
- Strong written communication. You will produce risk registers, control documentation, dashboards, and audit artifacts that engineering and legal teams rely on.
- Comfort working in a cloud-native environment (Azure) and understanding how infrastructure decisions affect control coverage.
What Would Make You Stand Out
- Experience with ISO 42001 or AI/ML governance frameworks, model risk management, responsible AI policy, or AI impact assessments.
- Background in regulated industries: utilities, municipalities, government.
- Familiarity with evidence collection automation.
- CISSP, CISA, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent certification.
What We Can Offer
- 3 weeks’ vacation and 5 personal days.
- Comprehensive Medical, Dental, and Vision benefits starting from your first day of employment.
- Employee stock ownership and RRSP/401k matching programs.
- Lifestyle rewards.
- Remote work and more!
About Cayenta
Cayenta is a leading provider of enterprise resource management solutions in the local government, utility and financial industries. Cayenta’s products, services and customer relationships provide the foundation for continued innovation and growth.
About Harris
Harris is a leading provider of mission critical software to the public sector in North America. As a wholly owned subsidiary of Constellation Software Inc. (“CSI”, symbol CSU on the TSX), Harris has become the cornerstone for CSI’s investment in utility, local government, school districts, public safety, and healthcare software verticals.
(Remote) Compliance & Governance Specialist in London employer: Harris Computer
Cayenta, a division of Harris, is an exceptional employer that prioritises employee well-being and professional growth. With a strong focus on remote work flexibility, comprehensive benefits including stock ownership and generous vacation time, and a collaborative culture that encourages autonomy and innovation, Cayenta empowers its team members to thrive in their roles while making a meaningful impact in the public sector. Join us in shaping the future of compliance and governance in a supportive environment that values your contributions.
StudySmarter Expert Advice🤫
We think this is how you could land (Remote) Compliance & Governance Specialist in London
✨Join Compliance Communities
Get involved in compliance and risk communities — both online and offline. Look for forums, LinkedIn groups, or even local meetups where compliance pros hang out. You never know who might drop a job opportunity your way!
✨Attend Industry Conferences
Keep an eye out for compliance and risk management conferences and workshops in your area. These events are a goldmine for networking, and they often have job boards or recruiters on-site looking for new talent. Plus, it’s a chance to learn what's trending in the field.
✨Leverage Your University Career Services
If you’ve recently graduated or are still studying, head over to your university's career services. Many companies, including those in compliance, actively recruit fresh talent through these services, so make sure you tap into that resource.
✨Showcase Your Knowledge Online
Start writing articles or blog posts about compliance topics that interest you. Share them on platforms like LinkedIn to demonstrate your knowledge and passion. This not only builds your presence in the field but can also catch the attention of companies like Harris Computer looking for candidates who are engaged and informed.
Some tips for your application 🫡
Show Your Understanding of Compliance: In the compliance-risk field, it's super important to showcase your understanding of regulations and risk management frameworks. Highlight any relevant coursework, certifications (like ICA or AML), or even projects that demonstrate your knowledge and commitment to this area. We want to see how you can navigate this complex landscape!
Quantify Your Achievements: When detailing your experience, try to quantify your achievements. For example, if you've previously worked on a project that improved compliance metrics or reduced risk exposure, give us the numbers! This data-driven approach really stands out to hiring managers in compliance-risk roles.
Tailor Your CV to Reflect Relevant Skills: Make sure your CV highlights skills that are particularly relevant to compliance, like attention to detail, analytical thinking, and report writing. Ensure these are easy to spot – consider using bullet points to break down your responsibilities and achievements for maximum impact!
Craft a Motivating Cover Letter: In your cover letter, let us know why you’re excited about the compliance-risk role at Harris Computer. Share what motivates you about compliance, and how you believe you can contribute to our mission. This is your chance to showcase not only your skills but also your passion for this important field!
How to prepare for a job interview at Harris Computer
✨Master the Regulations
Brush up on key compliance regulations relevant to the industry you're applying to. Familiarising yourself with specific laws and frameworks used in your field will give you an edge during technical questions. Show that you’re not just aware of them but can also apply them—think real-life scenarios!
✨Show Your Analytical Skills
Compliance roles really focus on analytical skills, so be prepared for case studies or situational questions during the interview. Be ready to demonstrate how you approach risk assessments or compliance audits, possibly drawing on examples from past experiences or university projects. Bring some thoughtful case scenarios to discuss!
✨Know Your Tools
Get comfortable with commonly used compliance software and tools. Familiarity with platforms like RSA or MetricStream can really impress during your interview, as it shows you're ready to hit the ground running. If you’ve had any experience with them, make sure to highlight that!
✨Align with Company Culture
Since it's a full-time position, show your long-term commitment and interest in the company’s mission and values. Dive into how your ethics and professional philosophy align with Harris Computer’s stance on compliance. A shared vision can really resonate with interviewers looking for fit as much as skill!