Compliance Analyst managing ISO/IEC 27001 and SOC 2 compliance programmes at Luminance. Collaborating with Security, Procurement, and Legal teams to ensure robust compliance workflows.
**Responsibilities**
Maintain and operate the ISO/IEC 27001:2022 ISMS.
Support ongoing SOC 2 (Type II) and CMMC Level 1 compliance programmes.
Manage compliance calendars, testing cycles, and control monitoring activities.
Coordinate external audits (ISO surveillance/recertification, SOC 2, CMMC).
Perform periodic control checks and collect, validate, and organise audit evidence.
Track nonconformities, findings, and corrective actions through to closure.
Escalate material control gaps or risks to the Information Security Manager.
Define and operate a proportionate, tiered supplier due diligence model.
Work with Procurement to ensure appropriate questionnaires and documentation are issued and completed.
Perform contextual risk assessments and provide compliance sign-off.
Partner with Legal where contractual or regulatory review is required.
Formalise structured, repeatable compliance workflows that scale with business growth.
Identify opportunities to reduce manual effort through automation or process improvement.
Maintain and evolve the risk register and remediation tracking processes.
Support awareness and training initiatives to improve organisational compliance maturity.
**Requirements**
Demonstrable experience in information security compliance, IT audit, or Governance, Risk & Compliance (GRC).
Working knowledge of ISO/IEC 27001:2022 and/or SOC 2 Trust Services Criteria.
Experience supporting audits and managing evidence collection.
Strong organisational, documentation, and stakeholder coordination skills.
Ability to interpret regulatory and control requirements and translate them into practical business processes.
Excellent written and verbal communication skills.
**Desirable (but not essential)**
ISO 27001 Internal Auditor certification.
Experience in SaaS or cloud-based environments.
Familiarity with CMMC and NIST SP 800 frameworks.
Working knowledge of risk management frameworks (ISO 31000, NIST RMF, FAIR).
Experience with GRC platforms (e.g., Drata, Vanta, Secureframe).