3+ years’ experience with compliance audits and prior UK Government compliance and audit experience (MOD JSP application, Secure by Design, NIST 800-53, UK Government ATOs, etc.)
Current UK security clearance (SC or DV level)
Relevant professional certifications (CIPM, CIPP/E, CRISC, CISSP, or similar)
Familiarity with data protection compliance tools and GRC platforms
What We Value
Deep understanding of on-premises infrastructure and security concepts
Experience working directly with the UK Ministry of Defence or other government departments
Experience successfully supporting security and compliance efforts in complex on-premises data centres
Experience performing technical assessments in direct support of compliance efforts
Experience developing security and risk assessment plans and related documentation
Ability to clearly convey compliance requirements to internal engineering teams, and the associated implementation to external customers, using effective written and verbal communication skills
Proficiency with security concepts (encryption, authentication, etc.) and tooling for continuous monitoring (Nessus SecurityCenter, Burp, Jira, Splunk, etc.)
Knowledge of cloud security compliance (AWS, Azure, GCP)
Understanding of DevSecOps practices and secure software development lifecycles
What You'll Be Doing
Partner with engineers to interpret and map compliance requirements to control implementation and assist with product architecture.
Directly facilitate operational and regulatory outcomes across our UK government client portfolio, including Secure by Design adherence, MOD JSP compliance and continuous monitoring.
Develop and deliver evidence to meet regulatory compliance audits across the UK government client portfolio.
Propose and implement ideas for operational improvements and facilitate automation for procedural compliance controls.
Guide technical and operational decision-making towards future product offerings and efficient organisational processes.
Evaluate and advise the business on new and evolving UK Government certification programmes, requirements, and technologies.