Remote Compliance & Governance Specialist
Neath, Neath Port Talbot, SA11, Wales, UK
Listed on 2026-07-01
IT/Tech
Information Security, Cybersecurity
Overview
Cayenta, a division of Harris, is seeking a Security Governance & Compliance Specialist who will join the team to lead the design, implementation, and ongoing oversight of the organization's compliance frameworks. This role involves providing security controls across our product and cloud environments. Your work will reduce customer risk, improve audit outcomes, and strengthen resilience through measurable, automated governance. This is a senior individual contributor role with broad influence across all teams, including Legal.
This remote role welcomes candidates anywhere in Canada. Preference will be given to candidates who can work in the PST time zone.
Key Responsibilities
In this role, you will be responsible for identifying, assessing, and supporting the management of information security risks across the organization. Reporting to the Director of Cloud, Security & Compliance, this role contributes to Cayenta’s security posture by implementing security and IA governance frameworks. You are expected to operate with significant autonomy, own your programs, manage your audit timelines, and drive cross‑functional work.
Salary
95K - 100K
What your impact will be
- Own and manage the organization's security compliance programs, including SOC 2 Type II, ISO 27001, ISO 42001, and other relevant frameworks.
- Own audit readiness end-to-end: gap assessments, control mapping, auditor coordination, walkthroughs, and remediation follow‑up.
- Turn framework requirements into clear, actionable, and lightweight controls that teams can operate without slowing delivery.
- Drive evidence collection automation in partnership with Engineering; the goal is evidence‑by‑default.
- Maintain scope, context, governance artifacts, and Statement of Applicability.
- Run internal audits, manage CAPAs, and sustain certification readiness.
- Evaluate control design and operating effectiveness; identify gaps and drive actionable remediation.
- Maintain the AIMS: AI use‑case inventory, impact assessments, and human oversight controls.
- Collaborate with AI‑Ops on model documentation (model cards), bias/fairness testing, explainability, drift monitoring, and adversarial robustness controls.
- Produce compliance dashboards and KPI reporting for leadership and customers.
- Evaluate control design and operating effectiveness against internal policies/standards and external frameworks; identify control gaps and actionable recommendations.
- Operationalize and sustain the ISMS (ISO/IEC 27001) and AIMS (ISO/IEC 42001), including scope, context, governance, and required.
- Lead third‑party/vendor risk management: due diligence, review of security documentation, contract/control requirements, and tracking vendor remediation and data‑protection alignment.
- Evaluate residual risk and support risk acceptance decisions with documented rationale.
- Collaborate with the AI‑Ops team in building and maintaining AI‑Governance.
- Manage the responsible AI policy lifecycle alongside the AI Ops team.
- Collaborate with the AI‑Ops team in implementing AI risk/model governance controls aligned to ISO/IEC.
- Work with Engineering in automating the collection of evidence and control testing, internal audits, managing CAPAs, and maintaining continuous audit readiness.
- Partner with Engineering, Product, and Legal to bake controls into the SDLC.
- Translate framework requirements into plain‑language controls that engineers can operate without slowing delivery.
- Collaborate with the Security team in identifying, evaluating and acting on vulnerabilities reported by our monitoring systems and/or external channels.
- Work closely with the Security team in the coordination and execution of the different frameworks.
- Produce compliance reporting and dashboards. Define and track security & compliance KPIs, and lead management reviews to ensure a healthy compliance posture to stakeholders.
- Drive continuous improvement of risk and control maturity based on trends, audit results, and business impact.
- You report to the Director of Cloud, Security & Compliance. You are expected to operate with significant autonomy, own your programs, manage…