Information Technology Governance, Risk, and Compliance (United Kingdom)

Guernsey | Freelance | 43200 - 72000 £ / year (est.) | No home office possible

At a Glance

  • Tasks: Lead SOC 2 Type II readiness activities and collaborate with teams on compliance.
  • Company: Join a dynamic company focused on SaaS and cloud-hosted systems in a regulated environment.
  • Benefits: Enjoy remote work, flexible hours, and exposure to industry-leading platforms.
  • Why this job: Be part of a high-impact project that values security, quality, and innovation.
  • Qualifications: Experience with SOC 2, ISO 27001, and GxP compliance is essential.
  • Other info: Ideal for self-starters with strong organisational skills and a passion for IT governance.

The predicted salary is between 43200 - 72000 £ per year.

We are seeking an experienced SOC 2 / IT GRC Specialist Contractor to support and guide our SOC 2 Type II accreditation program. This is a critical role in a fast-moving, regulated environment, requiring hands-on experience with SOC 2 frameworks, ISO 27001, IT GRC, and GxP compliance in SaaS and cloud-hosted systems. Working closely with our Information Security, Engineering, IT, QA, and Compliance teams, the successful candidate will assess current controls, implement necessary enhancements, and lead the organization through SOC 2 readiness and audit.

Key Responsibilities

  • Lead and execute SOC 2 Type II readiness activities from planning through audit support.
  • Perform a gap analysis against SOC 2 Trust Services Criteria (Security, Availability, Confidentiality).
  • Collaborate with control owners to define, implement, and document controls in alignment with SOC 2 and GxP expectations.
  • Author, review, and enhance IT and security policies, SOPs, and governance documentation.
  • Support GxP-aligned validation and change control processes where required.
  • Manage risk assessments, internal audits, and remediation plans.
  • Work with external auditors and vendors to support audit execution and ensure control effectiveness.
  • Provide training and guidance to internal teams to embed a culture of compliance and readiness.
  • Support the development, implementation, and continuous improvement of the ISO/IEC 27001-aligned ISMS.

Required Skills & Experience

  • Demonstrable experience leading or supporting successful SOC 2 and ISO 27001 implementations.
  • Solid understanding of the AICPA Trust Services Criteria and related IT/security controls.
  • Experience working within GxP environments, particularly in relation to SaaS applications or hosted infrastructure.
  • Proven ability to design and document policies and procedures that satisfy both SOC 2 and GxP requirements.
  • Familiarity with validation, change control, and documentation practices in regulated industries.
  • Comfortable engaging with cross-functional teams and third-party auditors.
  • Self-starter with excellent organisational and project management skills.

Preferred Qualifications

  • Bachelor’s degree in Information Security, Information Technology, Life Sciences, or related field.
  • Experience in pharmaceutical, biotech, or healthcare technology sectors.
  • Prior involvement in achieving compliance in both SOC 2 and GxP contexts.
  • Familiarity with FDA 21 CFR Part 11, EU Annex 11, or similar regulations.

What We Offer

  • A key role in a high-impact compliance and accreditation project.
  • Remote-first working environment with flexible hours.
  • Exposure to industry-leading SaaS platforms in a regulated domain.
  • A collaborative team that values security, quality, and innovation.

Information Technology Governance, Risk, and Compliance (United Kingdom) employer: Qinecsa Solutions

As an employer, we pride ourselves on fostering a remote-first working environment that champions flexibility and work-life balance, making it an ideal setting for the Information Technology Governance, Risk, and Compliance role. Our collaborative culture encourages innovation and security, while providing ample opportunities for professional growth through exposure to industry-leading SaaS platforms and involvement in high-impact compliance projects. Join us to be part of a team that values your expertise and supports your career development in a dynamic and regulated landscape.

Contact Detail:

Qinecsa Solutions Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Technology Governance, Risk, and Compliance (United Kingdom)

✨Tip Number 1

Familiarise yourself with the SOC 2 framework and ISO 27001 standards. Understanding these frameworks in depth will not only help you during interviews but also demonstrate your commitment to the role and its requirements.

✨Tip Number 2

Network with professionals in the IT GRC field, especially those who have experience with SOC 2 and GxP compliance. Engaging in discussions or attending relevant webinars can provide insights and potentially lead to referrals.

✨Tip Number 3

Prepare to discuss specific examples from your past experiences where you've successfully implemented controls or led compliance initiatives. This will showcase your hands-on experience and problem-solving skills, which are crucial for this role.

✨Tip Number 4

Stay updated on the latest trends and changes in compliance regulations, particularly in the SaaS and cloud-hosted environments. Being knowledgeable about current issues will help you stand out as a candidate who is proactive and informed.

We think you need these skills to ace Information Technology Governance, Risk, and Compliance (United Kingdom)

SOC 2 Frameworks
ISO 27001
GxP Compliance
Risk Assessment
Internal Audits
Control Documentation
Change Control Processes
Policy Authoring
Project Management
Cross-Functional Collaboration
Training and Guidance
Gap Analysis
Trust Services Criteria
Validation Practices
Organisational Skills

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights relevant experience in SOC 2 and ISO 27001 implementations. Use specific examples that demonstrate your understanding of the AICPA Trust Services Criteria and your ability to work in GxP environments.

Craft a Compelling Cover Letter: In your cover letter, explain why you are the perfect fit for this role. Mention your hands-on experience with SOC 2 frameworks and how you've successfully led compliance projects in the past. Be sure to convey your enthusiasm for working in a regulated environment.

Showcase Your Skills: Highlight your organisational and project management skills in your application. Provide examples of how you've managed risk assessments or internal audits, and how you've collaborated with cross-functional teams to achieve compliance.

Proofread Your Application: Before submitting, carefully proofread your application materials. Check for any spelling or grammatical errors, and ensure that all information is clear and concise. A polished application reflects your attention to detail, which is crucial in compliance roles.

How to prepare for a job interview at Qinecsa Solutions

✨Understand SOC 2 and ISO 27001 Frameworks

Make sure you have a solid grasp of the SOC 2 Trust Services Criteria and ISO 27001 standards. Be prepared to discuss how you've applied these frameworks in previous roles, as this will demonstrate your hands-on experience and understanding of compliance requirements.

✨Showcase Your Cross-Functional Collaboration Skills

This role requires working closely with various teams such as Information Security, Engineering, and Compliance. Highlight any past experiences where you've successfully collaborated with different departments to achieve compliance goals or enhance security measures.

✨Prepare for Technical Questions

Expect technical questions related to risk assessments, internal audits, and control effectiveness. Brush up on your knowledge of GxP environments and be ready to explain how you would manage these processes in a SaaS context.

✨Demonstrate Your Project Management Abilities

As a self-starter with excellent organisational skills, be ready to discuss specific projects you've led or contributed to. Use examples that showcase your ability to manage timelines, coordinate with teams, and ensure successful outcomes in compliance initiatives.

Application deadline: 2027-05-21
