Compliance Team Lead

About Netcraft 

Netcraft is the global leader in cybercrime detection and disruption. We’re a trusted partner for three of the four largest companies in the world, twelve of the fifty largest banks, and five country governments. We've blocked almost 200 million cyber-attacks to date, and we take down around 33% of the world's phishing attacks.

Our purpose and passion are focused on just one thing: protecting the world from cybercrime.

We carry that passion through into our workplace too. Our people are highly talented, and everyone is valued for their individual contribution, so we make sure Netcraft is a great place to work. From great benefits to health and wellness and social events, we’ve got you covered.

About the role

Reporting to the Security Engineering Manager and liaising closely with our teams worldwide, you’ll be focused on helping Netcraft demonstrate, develop, maintain and improve our compliance programs. You’ll also be working closely with our commercial teams to help demonstrate our security commitments to clients and prospects.

Day to day, you'll be:

• Helping to design and implement compliance programs like SOC 2, Cyber Essentials, and FedRAMP.
• Developing and maintaining security documentation on Netcraft's services and data handling.
• Leading external compliance audits, including evidence collection and walkthrough calls.
• Working with our legal team to understand regulations and standards applicable to the company and cybersecurity industry.
• Working with different departments to understand their functions and how best to apply and develop our policies and procedures.
• Providing help and advice on our policies and processes to all our teams.
• Running internal audit and review programs.
• Engaging with clients' and prospects' procurement teams to demonstrate Netcraft's compliance and help complete their vendor review processes.
• Aiding the commercial and legal teams by reviewing compliance-related parts of contracts.
• Working in-line with Netcraft’s hybrid working policy, based in one of our offices in Bath, London, or Manchester.

The reward package:

• An excellent range of benefits including: 
• Hybrid and flexible working options
• 33 days holiday per annum (incl. public holidays)
• Pension scheme membership with 4% employer contributions + NI savings
• Private health cover, including access to a private GP service
• Equity tracking scheme, so you can share in the rewards of Netcraft's long-term success (eligibility criteria apply)
• Comprehensive wellness and support provisions
• Enhanced family leave provisions
• Life Assurance
• Two days paid Volunteering Leave per year
• Free meals, drinks and snacks provided daily in the offices
• Regular social events such as board game nights, big summer party and annual kick-off
  
• Inclusive culture and environment, where you’ll feel genuinely valued and respected; and
• A tax-efficient cycle to work scheme.

What you’ll need to be successful:

• Proven experience of working in similar roles and industries.
• A high degree of familiarity with compliance standards like SOC 2, NIST CSF or ISO 27001.
• Experience implementing or assisting implementation of compliance programs.
• Experience of handling customer security questionnaires and audits.
• Strong communication and collaboration skills.
• Deep knowledge of relevant cybersecurity and GRC concepts.
• Knowledge of legislation relevant to operating the UK and EU (e.g. GDPR).

Bonus points if you have experience with: 

• Familiarity with marking up legal documents.
• ISO2007 internal audit qualification or other similar qualifications or experience.
• Experience with FedRAMP certification.
• Knowledge of DORA and upcoming EU regulations which could affect the cybersecurity industry.
  

Diversity, Equity and Inclusion

This is very important to us and through our ally network we actively support under-represented groups. We seek to maintain a working environment that is free from bias, harassment or discrimination and we encourage candidates from any background to apply, regardless of their gender, gender identity, sexual orientation, race/ethnicity, ability/disability, age, religion, or any other specific characteristics.

We’re happy to make reasonable adjustments to our hiring process to ensure that all candidates are able to participate fully and comfortably.  

Please note Netcraft does not accept any unsolicited approaches from external recruiters.