Information Security Governance, Risk and Compliance Analyst in Edinburgh

At Trustpilot, we are on an incredible journey. We are a profitable, high-growth FTSE-250 company with a big vision: to become the universal symbol of trust. We run the world’s largest independent consumer review platform, and while we have come a long way, there is still so much exciting work to do. Come join us at the heart of trust.

Ready to help us navigate a major shift in technology that brings both exciting opportunities and new security risks? Our Information Security team’s mission is to securely enable Trustpilot to be the universal symbol of trust. As our new Governance, Risk and Compliance Analyst, you will get hands-on with some of our most exciting initiatives yet.

You will help mature our core compliance frameworks and play a key role in shaping our approach to AI security and governance. From risk-assessing new AI systems to helping us use AI to automate manual GRC workflows, your work will directly strengthen our security posture.

We are an open, inclusive and collaborative team of security enthusiasts who work closely with engineers and data scientists to solve complex problems. If you are a pragmatic technologist who loves balancing risk with fast-paced innovation, we want you to bring your unique perspective and ideas to our team.

You will partner with our security, risk and engineering teams to mature our core compliance programs and safely adopt exciting new AI technologies, directly strengthening the trust millions of people place in our platform.

• Drive our ongoing compliance efforts for major industry standards, including SOC 2, ISO 27001, ISO 42001 and PCI DSS, ensuring we consistently meet commitments to our customers.
• Evaluate and manage the security risks associated with our new artificial intelligence and machine learning systems, allowing our product teams to innovate safely and securely.
• Streamline how we assess the security of our vendors and third-party tools, paying special attention to how we safely integrate external AI technologies into our business.
• Help develop our internal standards for artificial intelligence, keeping us ahead of the curve on new global regulations like the EU AI Act.
• Identify opportunities to replace manual, repetitive risk-management tasks with smart, AI-driven automation.
• Refresh our security policies and public-facing documents to clearly communicate our security posture to our customers, partners and auditors.
• Act as an advocate for security awareness across the business, helping colleagues understand how balancing risk and innovation leads to better, safer products.

• You have solid experience managing and auditing against core compliance frameworks, such as SOC 2, ISO 27001 and PCI DSS.
• You are well-versed in risk-management processes, including risk identification, third-party risk management and vendor security due diligence.
• You have practical experience developing, implementing and managing security policies and procedures.
• You are a pragmatist who knows how to balance security risks with the pace of innovation, bringing a solid understanding of cloud-environment risks.
• Bonus points if you are familiar with emerging AI governance frameworks (like the EU AI Act, NIST AI RMF, and ISO/IEC 42001) or have a strong desire to learn them on the job.
• Bonus points if you have experience with, or a keen interest in, using AI to automate manual tasks and drive efficiencies in GRC workflows.

• Rich learning and development opportunities are supported through the Trustpilot Academy and Blinkist.
• Pension and life insurance.
• Health cash plan, online GP, 24/7 Employee Assistance Plan.
• Full access to Headspace, a popular mindfulness app to promote positive mental health.
• Paid parental leave.
• Season ticket loan and a cycle-to-work scheme.
• Central office location complete with all the snacks and refreshments you can ask for.
• Regular opportunities to connect and get to know your fellow Trusties, including company-wide celebrations and events, ERG activities, and team socials.
• Access to over 4,000 deals and discounts on things like travel, electronics, fashion, fitness, cinema discounts, and more.

Trustpilot began in 2007 with a simple yet powerful idea that is more relevant today than ever — to be the universal symbol of trust, bringing consumers and businesses together through reviews. Trustpilot is open, independent, and impartial — we help consumers make the right choices and businesses to build trust, grow and improve.

Today, we have more than 300 million reviews and 64 million monthly active users on average across the globe, with 140 billion annual Trustbox impressions, and the numbers keep growing. We have more than 1,000 employees and we are headquartered in Copenhagen, with operations in Amsterdam, Denver, Edinburgh, Hamburg, London, Melbourne, Milan and New York.

We are driven by connection. It’s at the heart of what we do. Our culture keeps things fresh –– it’s built on the relationships we create. We talk, we laugh, we collaborate and we respect each other. We work across borders and cultures to be the universal symbol of trust in an ever-changing world. With vibrant office locations worldwide and over 50 nationalities, we are proud to be an equal-opportunity workplace with diverse perspectives and ideas.

Our purpose to help people and businesses help each other is a tall order, but we keep it real. We are a great bunch of humans, doing awesome stuff, without fuss or pretense. A successful Trustpilot future is driven by you –– we give you the autonomy to shape a career you can be proud of. If you are ready to grow, let’s go.

Trustpilot is committed to creating an inclusive environment where people from all backgrounds can thrive and where different viewpoints and experiences are valued and respected. Trustpilot will consider all applications for employment without regard to race, ethnicity, national origin, religious beliefs, gender identity or expression, sexual orientation, neurodiversity, disability, age, parental or veteran status. Together, we are the heart of trust.

Trustpilot is a global company and our data practices are designed to ensure that your personally identifiable information is appropriately protected. Please note that your personal information will be transferred, accessed, and stored globally as necessary for the uses and disclosures stated in our Privacy Policy. If you have a disability and would like to discuss any adjustments you might need either in submitting your application, or to the recruitment process more generally, please let us know by contacting our Talent Acquisition Team.