Senior Security Compliance Analyst in Bristol

As a Senior Security Compliance Analyst you will support the organisation's information security compliance programme across all Zellis Group business units. The role ensures that security controls, processes, and documentation meet internal policies, contractual obligations, and external standards such as ISO 27001, SOC2, GDPR, PCI-DSS, and Cyber Essentials Plus. This position focuses on execution and continuous assurance - maintaining audit readiness, evidencing control effectiveness, and tracking remediation activities to uphold a consistent and trusted compliance posture.

Responsibilities

• Maintaining compliance evidence repositories and supporting audit readiness across frameworks including ISO 27001, SOC 2, and others as required.
• Monitoring adherence to information security policies, standards, and procedures.
• Tracking completion of mandatory security training and awareness activities.
• Supporting Zellis Group business units in interpreting and applying compliance controls.
• Coordinating internal and external audit activities for ISO 27001, SOC 2, and other frameworks introduced by group business units.
• Managing pre-audit preparation, evidence collection, and auditor liaison.
• Supporting transition of SOC 1 activities into the central compliance function.
• Maintaining certification schedules and ensuring corrective actions are tracked to closure.
• Planning and conducting internal control reviews to test compliance effectiveness.
• Documenting findings, non-conformities, and improvement opportunities.
• Tracking issue remediation and providing status reporting to management.
• Acting as compliance liaison across business units, including customer facing and commercial teams.
• Supporting external customer engagements, tenders, and due diligence requests by providing accurate compliance information packs and evidence extracts.
• Collaborating with IT, Engineering, Compliance, Legal, HR, Operations and other teams to embed compliance into operational processes.
• Supporting compliance integration activities during mergers and acquisitions.
• Participating in the implementation and ongoing maintenance of automating audits.
• Participating in access reviews, control testing, and assurance checks.
• Recommending improvements to enhance consistency, efficiency, and auditability.
• Supporting identification and assessment of compliance-related risks.
• Assisting in preparing risk and compliance dashboards, metrics, and SLA tracking.
• Contributing data to group risk registers and compliance scorecards.
• Maintaining localised policy registers and managing documented exceptions.
• Contributing to drafting and reviewing information security procedures.
• Ensuring all colleagues have access to, and acknowledge, current policy versions.

Skills & experience

• Extensive experience in IT or information security, with at least 2 years focused on compliance or audit.
• Strong working knowledge of information security compliance frameworks (ISO 27001, SOC 2, GDPR, PCI-DSS, NIS 2, Cyber Essentials Plus).
• Relevant certifications desirable (e.g. ISO 27001 Lead Implementer/Auditor, CISA, CRISC, CompTIA Security+).
• Working knowledge of cloud platforms (Azure, AWS, Google Cloud) and common security tooling (EDR/XDR, SIEM, IAM, PAM).
• Understanding of data protection and privacy requirements under UK GDPR.
• Experience maintaining audit trails, compliance registers, and remediation logs.
• Proficiency in preparing documentation for external audits and customer requests.
• Familiarity with risk assessment methodologies and SLA metric reporting.
• Experience of business tooling such as Teams, Project, Service Now, ADO, Jira would be advantageous.
• Ability to interpret technical controls and convey compliance requirements clearly.

Personal Attributes

• Excellent analytical, organisational, and communication skills - able to engage effectively with both technical and business stakeholders.
• Detail-oriented and disciplined in maintaining documentation and audit evidence.
• Proactive and accountable in following through on compliance actions.
• Strong prioritisation skills with the ability to manage multiple audits and requests.
• Collaborative team player, promoting consistency and knowledge sharing across business units.
• Integrity, reliability, and commitment to maintaining high standards of security assurance.
• Adaptable and comfortable working in a fast-paced, evolving environment.
• Ability to establish and maintain strong, professional relationships with internal and external stakeholders.
• A positive and curious mindset for AI-first working, embracing the impact that "human+AI" can bring to the world.
• You will be adept at using AI tools, able to demonstrate examples of where you have utilised AI to improve your output or delivery efficiency, and you embrace the opportunity to learn more about how AI can drive enhancements in the way we work.

Benefits & culture

At Zellis we create market-leading HR & Payroll products and services, to power exceptional employee experiences so that you and your people do better. Our multi-award-winning products pay over five million employees a year, with almost half (42%) of the FTSE 100, 50% of the top retailers and 30% of the top universities in the UK & Ireland as customers, making us the largest provider of Payroll and HR software and managed services.

Our vision is to be the clear leader in pay, reward, analytics, and people experiences. We are passionate about creating an environment where people want to join, belong to, and be part of a progressive organisation. Our values, which were defined with input from our colleagues, we live and breathe every day: Unstoppable together. Always learning. Make it count. Think scale.

Our people are critical to our ongoing success; we are proud of our inclusive culture that gives you the platform to grow, challenge the status quo and play a crucial role in further enhancing our market position as the leading provider of HR & Payroll software and services. With Zellis you will have the chance to stretch and challenge yourself in an environment that is varied, flexible and hugely supportive. We also love to reward and recognise our brilliant colleagues. As part of your benefits package, you will receive:

• A competitive base salary.
• 25 days annual leave, plus your birthday off and the opportunity to buy additional holiday.
• Private medical insurance.
• Life assurance 4x salary.
• Enhanced pension scheme with company contributions up to 8.5%.
• A huge range of additional flexible benefits across financial & personal wellbeing, lifestyle & leisure.