As the first full-time compliance hire at Sona, you will own and evolve our security and compliance foundations. This hands-on role requires a strong information security background, focusing on external certifications like ISO 27001 and SOC 2 while translating compliance requirements into practical systems that support our growth.
What You'll Do
- Own and lead information security across the business, including policies, controls and risk management.
- Lead external certifications and audits (e.g. ISO 27001, GDPR, SOC 2, Cyber Essentials).
- Work cross-functionally to advise teams on risk and data security, supporting them with use of new tools and AI adoption.
- Translate security and compliance requirements into concrete systems, tools and processes.
- Own or lead implementation of technical controls (e.g. access management, logging, monitoring, incident response, device management).
- Act as the point of contact for RFPs, customer security reviews, questionnaires and audits.
- Support and develop AML compliance, extending depth over time where needed.
What We're Looking For
- 5+ years of experience in information security, compliance or closely related roles.
- Hands-on experience leading or materially contributing to external certifications (e.g. ISO 27001, GDPR, SOC 2, Cyber Essentials).
- Experience in a SaaS or technology environment, ideally a startup or scale-up.
- Strong understanding of security controls and how to implement them in practice (not just on paper).
- Experience working directly with tools, vendors and configurations (not purely advisory).
- A pragmatic, risk-based mindset with the ability to push back clearly and constructively.
Nice to Have
- Exposure to US customers or US compliance expectations.
- Familiarity with AML or adjacent compliance areas, with willingness to deepen expertise.
Team & Environment
You will join our 120+ person team, sitting within the Legal & Compliance function and reporting to the General Counsel. Sona is small enough for significant impact on growth and culture, yet large enough for great structure and experienced leaders.
Benefits & Compensation
- Compensation range: £75,000-£85,000.
- Share options.
- 35 days annual leave (25 days standard plus 10 flexible public holiday days).
- Extra day of leave for every year of service.
- Pension contributions matched up to 5%.
- Comprehensive health insurance.
- Enhanced parental leave & pay.
- Co-working space stipend for those based outside London.
- Annual all-expenses-paid team retreats.
- The latest MacBook and equipment budget for your home office.
- Professional development budget.
- Unlimited free books.
Work Mode
This is a hybrid position based in the UK.




