Information Security Governance, Risk and Compliance Analyst

Full-Time | £50,000 - £60,000 / year (est.) | No home office possible
Trustpilot, Inc.

At a Glance

  • Tasks: Join our team to enhance security and compliance in exciting AI initiatives.
  • Company: Trustpilot, a leading FTSE-250 company focused on building trust.
  • Benefits: Flexible working, competitive pay, 25+ days holiday, and wellness support.
  • Why this job: Make a real impact on security while navigating the future of AI technology.
  • Qualifications: Experience with compliance frameworks and a passion for risk management.
  • Other info: Inclusive culture with great career growth and learning opportunities.

The predicted salary is between £50,000 and £60,000 per year.

At Trustpilot, we are on an incredible journey. We are a profitable, high-growth FTSE-250 company with a big vision: to become the universal symbol of trust. We run the world’s largest independent consumer review platform, and while we have come a long way, there is still so much exciting work to do. Come join us at the heart of trust!

Ready to help us navigate a major shift in technology that brings both exciting opportunities and new security risks? Our Information Security team’s mission is to securely enable Trustpilot to be the universal symbol of trust. As our new Governance, Risk and Compliance Analyst, you will get hands-on with some of our most exciting initiatives yet. You will help mature our core compliance frameworks and play a key role in shaping our approach to AI security and governance. From risk-assessing new AI systems to helping us use AI to automate manual GRC workflows, your work will directly strengthen our security posture.

We are an open, inclusive and collaborative team of security enthusiasts who work closely with engineers and data scientists to solve complex problems. If you are a pragmatic technologist who loves balancing risk with fast-paced innovation, we want you to bring your unique perspective and ideas to our team. You will partner with our security, risk and engineering teams to mature our core compliance programs and safely adopt exciting new AI technologies, directly strengthening the trust millions of people place in our platform.

  • Drive our ongoing compliance efforts for major industry standards, including SOC 2, ISO27001, ISO42001 and PCI DSS, ensuring we consistently meet commitments to our customers.
  • Evaluate and manage the security risks associated with our new artificial intelligence and machine learning systems, allowing our product teams to innovate safely and securely.
  • Streamline how we assess the security of our vendors and third-party tools, paying special attention to how we safely integrate external AI technologies into our business.
  • Help develop our internal standards for artificial intelligence, keeping us ahead of the curve on new global regulations like the EU AI Act.
  • Identify opportunities to replace manual, repetitive risk management tasks with smart, AI-driven automation.
  • Refresh our security policies and public-facing documents to clearly communicate our security posture to our customers, partners and auditors.
  • Act as an advocate for security awareness across the business, helping colleagues understand how balancing risk and innovation leads to better, safer products.

Who you are:

  • You have solid experience managing and auditing against core compliance frameworks, such as SOC 2, ISO27001 and PCI DSS.
  • You are well-versed in risk management processes, including risk identification, third-party risk management and vendor security due diligence.
  • You have practical experience developing, implementing and managing security policies and procedures.
  • You are a pragmatist who knows how to balance security risks with the pace of innovation, bringing a solid understanding of cloud environment risks.
  • Bonus points if you are familiar with emerging AI governance frameworks (like the EU AI Act, NIST AI RMF, and ISO/IEC 42001) or have a strong desire to learn them on the job.
  • Bonus points if you have experience with, or a keen interest in, using AI to automate manual tasks and drive efficiencies in GRC workflows.

What’s in it for you:

  • A range of flexible working options to dedicate time to what matters to you.
  • Competitive compensation package + bonus.
  • 25 days holiday per year, increasing to 28 days after 2 years of employment.
  • Two (paid) volunteering days a year to spend your time giving back to the causes that matter to you and your community.
  • Rich learning and development opportunities are supported through the Trustpilot Academy and Blinkist.
  • Pension and life insurance.
  • Health cash plan, online GP, 24/7, Employee Assistance Plan.
  • Full access to Headspace, a popular mindfulness app to promote positive mental health.
  • Paid parental leave.
  • Season ticket loan and a cycle-to-work scheme.
  • Central office location complete with table tennis, a gaming corner, coffee bars and all the snacks and refreshments you can ask for.
  • Regular opportunities to connect and get to know your fellow Trusties, including company-wide celebrations and events, ERG activities, and team socials.
  • Access to over 4,000 deals and discounts on things like travel, electronics, fashion, fitness, cinema discounts, and more.
  • Independent financial advice and free standard professional mortgage broker advice.
  • Talent acceleration programs: Fast-track your career with our tailored development programs designed to support growth at whatever stage of your career.

Trustpilot is committed to creating an inclusive environment where people from all backgrounds can thrive and where different viewpoints and experiences are valued and respected. Trustpilot will consider all applications for employment without regard to race, ethnicity, national origin, religious beliefs, gender identity or expression, sexual orientation, neurodiversity, disability, age, parental or veteran status. Together, we are the heart of trust.

Information Security Governance, Risk and Compliance Analyst employer: Trustpilot, Inc.

At Trustpilot, we pride ourselves on being an exceptional employer, offering a vibrant and inclusive work culture that fosters collaboration and innovation. With a strong focus on employee growth, our comprehensive benefits package includes flexible working options, generous holiday allowances, and rich learning opportunities through the Trustpilot Academy. Join us in our central office, where you can enjoy a range of amenities and connect with fellow team members while contributing to our mission of becoming the universal symbol of trust.

Contact Detail:

Trustpilot, Inc. Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land the Information Security Governance, Risk and Compliance Analyst role

✨Tip Number 1

Network like a pro! Reach out to current employees at Trustpilot on LinkedIn or other platforms. Ask them about their experiences and any tips they might have for landing the role. Personal connections can give you an edge!

✨Tip Number 2

Prepare for the interview by diving deep into Trustpilot's mission and values. Understand how your skills in governance, risk, and compliance align with their goals. Show them you're not just a fit for the role, but for the company culture too!

✨Tip Number 3

Practice common interview questions related to information security and compliance. Think about real-life scenarios where you've managed risks or improved processes. We want to hear your stories that showcase your expertise!

✨Tip Number 4

Don’t forget to follow up after your interview! A simple thank-you email expressing your appreciation for the opportunity can leave a lasting impression. Plus, it shows your enthusiasm for the role!

We think you need these skills to ace the Information Security Governance, Risk and Compliance Analyst role

Governance, Risk and Compliance (GRC)
SOC 2
ISO 27001
PCI DSS
Risk Management
Third-Party Risk Management
Vendor Security Due Diligence
Security Policy Development
Cloud Environment Risk Assessment
AI Governance Frameworks
NIST AI RMF
ISO/IEC 42001
AI-Driven Automation
Communication Skills
Collaboration

Some tips for your application 🫡

Tailor Your Application: Make sure to customise your CV and cover letter to highlight your experience with compliance frameworks like SOC 2 and ISO27001. We want to see how your skills align with our mission at Trustpilot!

Showcase Your Pragmatism: In your application, emphasise your ability to balance security risks with innovation. We’re looking for someone who can navigate the fast-paced tech landscape while keeping security front and centre.

Highlight AI Experience: If you’ve got experience or a keen interest in AI governance frameworks, make it known! We’re excited about integrating AI into our processes, so any relevant experience will definitely catch our eye.

Apply Through Our Website: Don’t forget to submit your application through our website! It’s the best way for us to receive your details and get the ball rolling on your journey with Trustpilot.

How to prepare for a job interview at Trustpilot, Inc.

✨Know Your Compliance Frameworks

Make sure you brush up on your knowledge of SOC 2, ISO27001, and PCI DSS. Be ready to discuss how you've managed and audited against these frameworks in the past, as this will show your practical experience and understanding of compliance.

✨Showcase Your Risk Management Skills

Prepare examples of how you've identified and managed security risks, especially in relation to third-party vendors and AI systems. This will demonstrate your ability to balance risk with innovation, which is crucial for the role.

✨Familiarise Yourself with AI Governance

Since the role involves working with AI technologies, it’s a good idea to get acquainted with emerging AI governance frameworks like the EU AI Act. Even if you're not an expert, showing a willingness to learn can set you apart.

✨Communicate Clearly About Security Policies

Be prepared to discuss how you've developed and implemented security policies in previous roles. Think about how you can articulate your approach to refreshing security documents and communicating security posture to various stakeholders.
