Sona

Compliance Manager

Hybrid
Full-time
£75,000 - £85,000
Senior or above
UK
Posted on April 2, 2026

About the role

💼 What you will do

• Own and evolve security and compliance foundations as Sona scales across the UK and US.
• Lead an InfoSec-focused role with ISO 27001 as an immediate priority and SOC 2 likely in the medium term.
• Be the first full-time compliance hire and fully own and craft a robust, scaleable compliance programme in a fast-growing software business.

📋 Job Requirements

• Have 5+ years' experience in information security, compliance, or closely related roles.
• Have hands-on experience leading or materially contributing to external certifications such as ISO 27001, GDPR, SOC 2, and Cyber Essentials.
• Have experience in a SaaS or technology environment, ideally a startup or scale-up.
• Have strong understanding of security controls and how to implement them in practice, not just on paper.
• Have experience working directly with tools, vendors, and configurations, not purely advisory.
• Have a pragmatic, risk-based mindset with the ability to push back clearly and constructively.
• Have a genuine enthusiasm for AI with demonstrable examples of using AI tools to improve how you work.
• Be comfortable working in a hybrid model with 2-3 days per week in the London Soho office.

🌟 Nice-to-have

• Have exposure to US customers or US compliance expectations.
• Have familiarity with AML or adjacent compliance areas with willingness to deepen expertise.
• Have experience applying AI to compliance or security-specific workflows.

🎯 Responsibilities

• Own and lead information security across the business including policies, controls, and risk management.
• Lead external certifications and audits such as ISO 27001, GDPR, SOC 2, and Cyber Essentials.
• Work cross-functionally to advise teams on risk and data security, supporting them with use of new tools and AI adoption.
• Translate security and compliance requirements into concrete systems, tools, and processes.
• Own or lead implementation of technical controls such as access management, logging, monitoring, incident response, and device management.
• Act as the point of contact for RFPs, customer security reviews, questionnaires, and audits.
• Support and develop AML compliance, extending depth over time where needed.
• Proactively identify and implement AI-driven improvements to compliance workflows, tooling, and processes.

About Sona

🚀 Why Join - Our Take

Sona is one of the most exciting B2B SaaS companies in the UK right now. The company has raised over $100 million from world-class investors and has grown revenue by 400% in 2023 alone. Two of the three founders, Oli Johnson and Ben Dixon, previously spent six years building Catapult, a gig platform for hospitality and retail, while Steffen Wulff Petersen came from Rocket Internet, where he helped launch Lazada, HelloFresh and Payleven. That domain expertise is a genuine differentiator: Sona is not a generic scheduling tool bolted onto HR. It is built from the ground up for complex, multi-site enterprises with hundreds or thousands of frontline staff.

What stands out on Glassdoor (4.6/5 from 26 reviews, 88% recommend, 94% positive business outlook) is how consistently employees praise the team culture, the benefits and the pace of growth. The compensation sub-score is a remarkable 4.9/5. Sona offers genuinely strong benefits for a startup: Bupa health insurance, 25 days holiday plus 10 flexible public holidays (with an extra day per year of service), enhanced parental leave (26 weeks full pay for primary parents, 8 weeks for secondary), share options, pension matching up to 5%, twice-yearly team retreats and a quarterly £200 learning budget.

The main things to be aware of: this is a fast-paced startup where priorities shift quickly; some reviews mention long hours and pressure around headcount management; and the team is still relatively small, at around 150 people. But with a fresh $45 million Series B led by N47, US expansion underway, and the recent launch of Forge, an enterprise AI application builder that lets customers create custom software on top of Sona's platform, the company is at a genuinely exciting inflexion point.

😃 What Sona offers

• Receive £75,000 to £85,000 salary.
• Receive share options.
• Work hybrid with 2-3 days a week in the London office in Soho.
• Take 35 days annual leave including 25 days standard plus 10 flexible public holiday days.
• Receive an extra day of leave for every year of service.
• Get pension contributions matched up to 5%.
• Access comprehensive health insurance.
• Benefit from enhanced parental leave and pay.
• Receive a co-working space stipend if based outside London.
• Enjoy annual all expenses paid team retreats.
• Get the latest MacBook and equipment budget for your home office.
• Access a professional development budget.
• Receive unlimited free books.

💖 What makes Sona unique

Sona is building the next generation of AI-native frontline workforce management. The end-to-end platform covers Scheduling, HR, Payroll, and Communications, giving the largest frontline organisations everything they need to staff more intelligently and empower their teams. In 4 years, Sona has made a deep impact on the lives of over 100k frontline workers, grown the team to 120+, and secured over $50M in funding from Felicis, Northzone, Gradient Ventures (Google), SpeedInvest, Antler, Notion Capital, plus angels like Tom Blomfield (Monzo).

💬 What employees say

"You get access to every tool you could want as a developer, including top-tier AI tools. The team is dynamic and driven, and people across the company regularly share their innovations and breakthroughs."

Employee
Senior Software Engineer
