As the first full-time compliance hire at Sona, you will own and evolve our security and compliance foundations. This hands-on role requires a strong information security background, focusing on external certifications like ISO 27001 and SOC 2 while translating compliance requirements into practical systems that support our growth.
What You'll Do
- Own and lead information security across the business, including policies, controls and risk management.
- Lead external certifications and audits (e.g. ISO 27001, GDPR, SOC 2, Cyber Essentials).
- Work cross-functionally to advise teams on risk and data security, supporting them with use of new tools and AI adoption.
- Translate security and compliance requirements into concrete systems, tools and processes.
- Own or lead implementation of technical controls (e.g. access management, logging, monitoring, incident response, device management).
- Act as the point of contact for RFPs, customer security reviews, questionnaires and audits.
- Support and develop AML compliance, extending depth over time where needed.
What We're Looking For
- 5+ years of experience in information security, compliance or closely related roles.
- Hands-on experience leading or materially contributing to external certificates (e.g. ISO 27001, GDPR, SOC 2, Cyber Essentials).
- Experience in a SaaS or technology environment, ideally a startup or scale-up.
- Strong understanding of security controls and how to implement them in practice (not just on paper).
- Experience working directly with tools, vendors and configurations (not purely advisory).
- A pragmatic, risk-based mindset with the ability to push back clearly and constructively.
Nice to Have
- Exposure to US customers or US compliance expectations.
- Familiarity with AML or adjacent compliance areas, with willingness to deepen expertise.
Team & Environment
You will join our 120+ person team, sitting within the Legal & Compliance function and reporting to the General Counsel. Sona is small enough for significant impact on growth and culture, yet large enough for great structure and experienced leaders.
Benefits & Compensation
- Compensation range: £75,000-£85,000.
- Share options.
- 35 days annual leave (25 days standard plus 10 flexible public holiday days).
- Extra day of leave for every year of service.
- Pension contributions matched up to 5%.
- Comprehensive health insurance.
- Enhanced parental leave & pay.
- Co-working space stipend for those based outside London.
- Annual all expenses paid team retreats.
- The latest Macbook and equipment budget for your home office.
- Professional development budget.
- Unlimited free books.
Work Mode
This is a hybrid position based in the UK.
