At a Glance
- Tasks: Manage compliance programmes and support security initiatives in a fast-paced SaaS environment.
- Company: Join a rapidly growing B2B SaaS company focused on security and compliance.
- Benefits: Competitive salary, remote work, and opportunities for professional growth.
- Other info: Dynamic role with excellent career advancement in a scaling business.
- Why this job: Make a real impact on customer trust and security in a tech-driven world.
- Qualifications: Degree in Cyber Security or related field; experience with Microsoft 365 and compliance tools.
The predicted salary is between £70,000 and £80,000 per year.
To be considered for this role, applicants must:
- Hold a relevant university degree in Cyber Security, Information Security, Computer Science, Information Systems, Technology, Risk Management or a related field
- Have experience working within a SaaS software company
- Have experience operating within Microsoft 365, Azure and Entra ID environments
- Have hands-on experience with compliance automation platforms such as Vanta, Drata, Secureframe, Sprinto or similar
About the Company
We’re partnering with a rapidly growing B2B SaaS company whose platform is deeply integrated with Microsoft 365 and Microsoft Teams. The business works with enterprise and mid-market organisations globally, including customers operating in highly regulated sectors. As customer requirements continue to evolve, security, compliance and trust have become increasingly important drivers of both customer acquisition and retention. The company has invested heavily in building a mature security and compliance function and already maintains certifications including SOC 2 Type 2 and ISO 27001.
Given the nature of the product and customer environment, Microsoft technologies sit at the core of the business, making experience within Microsoft 365, Azure and Entra ID environments particularly important for this position. With continued international growth and increasing enterprise adoption, they are now looking to strengthen their Governance, Risk & Compliance capability through the addition of a GRC Specialist.
The Role
This is a hands-on Governance, Risk & Compliance role operating at the intersection of compliance, security and customer trust. You'll be responsible for the day-to-day operation of the company's compliance programmes, helping maintain certifications, support customer security requirements and ensure compliance processes continue to scale alongside the business. Working closely with leadership, engineering, legal and external auditors, you'll play an important role in maintaining the company's security and compliance posture while helping support enterprise customer relationships and commercial growth.
Given the company's Microsoft-centric technology environment, you'll regularly work alongside teams responsible for Microsoft 365, Azure and Entra ID, helping ensure compliance controls, governance processes and security requirements align with both internal standards and customer expectations. The role combines framework management, audit coordination, customer-facing security engagement and ongoing compliance operations within a fast-growing SaaS environment.
Responsibilities
- Operate and maintain ongoing SOC 2 Type 2 and ISO 27001 compliance programmes
- Coordinate audit cycles and work closely with external auditors
- Manage evidence collection, remediation tracking and control monitoring
- Operate and maintain compliance tooling such as Vanta
- Support enterprise sales processes through security questionnaires and customer due diligence
- Participate in customer security and compliance review calls
- Review and support DPAs, NDAs and security-related contractual terms
- Maintain and evolve the company’s Trust Center and public-facing compliance documentation
- Work closely with engineering, product and leadership teams on security and compliance initiatives across Microsoft 365, Azure and Entra ID environments
- Support future framework expansion across additional compliance standards
- Support enterprise customer procurement and vendor risk assessment processes
- Own customer-facing trust and compliance documentation
What We're Looking For
- Relevant university degree in Cyber Security, Information Security, Computer Science, Information Systems, Technology, Risk Management or a related field
- Experience working within a B2B SaaS or cloud software environment
- Experience supporting and operating SOC 2 Type 2 and ISO 27001 programmes
- Hands-on experience with compliance automation platforms such as Vanta, Drata, Secureframe, Sprinto or similar
- Experience operating within Microsoft 365, Azure and Entra ID environments
- Understanding of Microsoft identity, access management and security controls
- Experience supporting enterprise sales teams through security questionnaires, customer audits and due diligence exercises
- Strong understanding of cloud infrastructure, identity management and modern SaaS environments
- Practical knowledge of GDPR and privacy requirements
- Strong organisational skills with the ability to manage multiple compliance workstreams simultaneously
- Excellent communication skills and the ability to engage confidently with both technical and non-technical stakeholders
- Comfortable working independently within a scaling business environment
Nice to Have
- Experience supporting Microsoft-focused SaaS products or platforms
- Experience with ISO 42001 (AI Governance)
- Experience supporting FedRAMP, NIST, HIPAA or TISAX initiatives
- Certifications such as CISA, CISM, CRISC, CIPP/E or ISO 27001 Lead Auditor
- Experience working within scale-up or high-growth technology businesses
GRC Analyst in Peterborough employer: Quanta
Join a rapidly growing B2B SaaS company that prioritises security and compliance, offering a dynamic work culture where innovation thrives. With a strong focus on employee development and collaboration, you'll have the opportunity to work closely with leadership and cross-functional teams in a Microsoft-centric environment, ensuring your skills are continuously honed while contributing to meaningful projects. Enjoy competitive compensation, a commitment to work-life balance, and the chance to be part of a team that values trust and excellence in serving enterprise customers globally.
StudySmarter Expert Advice🤫
We think this is how you could land the GRC Analyst role in Peterborough
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Quanta, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Quanta
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Quanta. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
Some tips for your application 🫡
Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Quanta insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Quanta that you’re committed to staying ahead in the game.
How to prepare for a job interview at Quanta
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Quanta to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Quanta.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.