Why This Job is Featured on The SaaS Jobs
Security assurance is a core SaaS capability, and this role sits where cloud operations, product delivery, and external trust signals meet. With ownership across SOC 2, ISO 27001, C5, and emerging standards such as ISO 42001, the remit reflects how SaaS companies increasingly need a single control framework that can serve multiple markets, customers, and regulatory expectations without fragmenting into one-off audits.
For a long-term SaaS security career, the standout value is learning how to make compliance continuous and operational rather than calendar driven. Building unified control mappings, turning system telemetry into audit evidence, and optimising tooling such as Vanta are skills that transfer across modern SaaS organisations, especially those standardising processes across infrastructure, engineering, IT, and procurement.
This position suits someone who prefers measurable outcomes and clear accountability, and who enjoys translating between technical teams and business stakeholders. It is also a strong fit for security professionals ready to combine hands-on programme ownership with people management, and for those motivated by building audit readiness into day-to-day workflows rather than treating it as a periodic project.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
We’re looking for a Security Controls & Compliance Manager to own the day-to-day operation and continuous improvement of our security control and compliance framework.
This role sits at the intersection of security, IT, and business systems, ensuring that controls are not only well-designed, but consistently executed, evidenced, and audit-ready.
You will work closely with internal teams across infrastructure, data, legal, and security to ensure we can continuously demonstrate compliance across frameworks such as SOC 2, ISO 27001, C5, and emerging standards like ISO 42001.
This is a hands-on role with management responsibility, suited to someone who enjoys turning complex operational environments into clear, measurable, and auditable systems.
What you’ll do
- Own and operate Algolia’s security compliance programmes (SOC 2, ISO 27001, C5, ISO 42001)
- Maintain and evolve a unified control framework mapped across multiple standards
- Manage the full audit lifecycle, including preparation, coordination, and remediation
- Design and run a risk-based internal audit programme
- Ensure controls are continuously evidenced and audit-ready, leveraging automation wherever possible
- Own and optimise compliance tooling (e.g. Vanta), ensuring it accurately reflects operational reality
- Translate operational signals (e.g. from Jira, endpoint tooling, and internal systems) into reliable control evidence
- Oversee vendor assurance processes, including due diligence and ongoing monitoring
- Track and report on control effectiveness, risks, and remediation progress
- Manage and develop a small team of compliance and assurance analysts
How you’ll work
- Partner with infrastructure, IT, and data teams to ensure controls are implemented and operating effectively
- Collaborate with security and engineering teams to align control requirements with technical capabilities
- Work closely with legal and procurement on vendor assurance and compliance obligations
- Act as a trusted point of contact for auditors and internal stakeholders
What we’re looking for
- Experience managing security compliance programmes such as C5, SOC 2, and ISO 27001
- Strong understanding of security controls and how they operate in real-world environments
- Experience working with compliance/GRC tooling (e.g. Vanta, or similar)
- Comfortable working cross-functionally with technical and non-technical teams
- Ability to translate operational processes and technical signals into clear, auditable evidence
- Experience coordinating audits and working with external auditors
- Strong organisational skills with a pragmatic, delivery-focused mindset
Nice to have
- Experience with additional frameworks such as ISO 42001
- Familiarity with SaaS environments and cloud-native tooling
- Exposure to vendor risk management programmes
- Experience building or improving compliance processes in a scaling organisation
Why this role matters
This role is key to ensuring that Algolia’s security controls are not just defined, but consistently operating and provable. You’ll help build a system where compliance is continuous, efficient, and aligned with how the business actually runs.
#LI-Hybrid