As a Senior Security Compliance Analyst you'll support the organisation's information security compliance programme across all Zellis Group business units. The role ensures that security controls, processes, and documentation meet internal policies, contractual obligations, and external standards such as ISO 27001, SOC 2, GDPR, PCI-DSS, and Cyber Essentials Plus.
This position focuses on execution and continuous assurance - maintaining audit readiness, evidencing control effectiveness, and tracking remediation activities to uphold a consistent and trusted compliance posture.
Key areas of responsibility will include:
Compliance Management
Maintaining compliance evidence repositories and supporting audit readiness across frameworks including ISO 27001, SOC 2, and others as required.
Monitoring adherence to information security policies, standards, and procedures.
Tracking completion of mandatory security training and awareness activities.
Supporting Zellis Group business units in interpreting and applying compliance controls.
Certification & Audit Management
Coordinating internal and external audit activities for ISO 27001, SOC 2, and other frameworks introduced by group business units.
Managing pre-audit preparation, evidence collection, and auditor liaison.
Supporting transition of SOC 1 activities into the central compliance function.
Maintaining certification schedules and ensuring corrective actions are tracked to closure.
Internal Security Audits
Planning and conducting internal control reviews to test compliance effectiveness.
Documenting findings, non-conformities, and improvement opportunities.
Tracking issue remediation and providing status reporting to management.
Stakeholder Collaboration
Acting as compliance liaison across business units, including customer facing and commercial teams.
Supporting external customer engagements, tenders, and due diligence requests by providing accurate compliance information packs and evidence extracts.
Collaborating with IT, Engineering, Compliance, Legal, HR, Operations and other teams to embed compliance into operational processes.
Continuous Improvement & Integration
Supporting compliance integration activities during mergers and acquisitions.
Participating in the implementation and ongoing maintenance of audit automation.
Participating in access reviews, control testing, and assurance checks.
Recommending improvements to enhance consistency, efficiency, and auditability.
Assisting Security Risk & Assurance Functions
Supporting identification and assessment of compliance-related risks.
Assisting in preparing risk and compliance dashboards, metrics, and SLA tracking.
Contributing data to group risk registers and compliance scorecards.
Maintaining localised policy registers and managing documented exceptions.
Contributing to drafting and reviewing information security procedures.
Ensuring all colleagues have access to, and acknowledge, current policy versions.
Skills & experience
Functional / technical:
Extensive experience in IT or information security, with at least 2 years focused on compliance or audit.
Strong working knowledge of information security compliance frameworks (ISO 27001, SOC 2, GDPR, PCI-DSS, NIS 2, Cyber Essentials Plus).
Relevant certifications desirable (e.g. ISO 27001 Lead Implementer/Auditor, CISA, CRISC, CompTIA Security+).
Working knowledge of cloud platforms (Azure, AWS, Google Cloud) and common security tooling (EDR/XDR, SIEM, IAM, PAM).
Understanding of data protection and privacy requirements under UK GDPR.
Experience maintaining audit trails, compliance registers, and remediation logs.
Proficiency in preparing documentation for external audits and customer requests.
Familiarity with risk assessment methodologies and SLA metric reporting.
Experience of business tooling such as Teams, Project, ServiceNow, ADO, or Jira would be advantageous.
Ability to interpret technical controls and convey compliance requirements clearly.
Personal attributes:
Excellent analytical, organisational, and communication skills - able to engage effectively with both technical and business stakeholders.
Detail-oriented and disciplined in maintaining documentation and audit evidence.
Proactive and accountable in following through on compliance actions.
Strong prioritisation skills with the ability to manage multiple audits and requests.
Collaborative team player, promoting consistency and knowledge sharing across business units.
Integrity, reliability, and commitment to maintaining high standards of security assurance.
Adaptable and comfortable working in a fast-paced, evolving environment.
Ability to establish and maintain strong, professional relationships with internal and external stakeholders.
Benefits & culture
At Zellis we create market-leading HR & Payroll products and services, to power exceptional employee experiences so that you and your people do better. Our multi-award-winning products pay over five million employees a year, with almost half (42%) of the FTSE 100, 50% of the top retailers and 30% of the top universities in the UK & Ireland as customers, making us the largest provider of Payroll and HR software and managed services.
Our vision is to be the clear leader in pay, reward, analytics, and people experiences. We're passionate about creating an environment where people want to join, belong to, and be part of a progressive organisation. We live and breathe our values, which were defined with input from our colleagues, every day:
Unstoppable together.
Always learning.
Make it count.
Think scale.
Our people are critical to our ongoing success; we're proud of our inclusive culture that gives you the platform to grow, challenge the status quo and play a crucial role in further enhancing our market position as the leading provider of HR & Payroll software and services. With Zellis you'll have the chance to stretch and challenge yourself in an environment that's varied, flexible and hugely supportive.
We also love to reward and recognise our brilliant colleagues. As part of your benefits package, you'll receive:
A competitive base salary.
25 days annual leave, plus your birthday off and the opportunity to buy additional holiday.
Private medical insurance.
Life assurance 4x salary.
Enhanced pension scheme with company contributions up to 8.5%.
A huge range of additional flexible benefits across financial & personal wellbeing, lifestyle & leisure.