Our customers buy on trust – and this role owns it. As Head of Compliance, you’ll run the operational heart of Beam’s compliance function: a multi-certification portfolio, the privacy practice alongside Legal, and the customer-assurance front line with enterprise and public-sector buyers. This is a hands-on operator’s role – on the audits, the processes, and the buyer conversations.
At Beam, you get to do work that matters for the world. We’re solving the world’s toughest social problems with an incredible team, tech and AI. And we’re growing fast 🚀
It’s not easy. Nothing worth doing ever is.
Join a company at the forefront of social impact, driving first-of-its-kind positive change. You’ll be part of a high-performance culture where you’ll make a huge impact, rapidly progress your career, and truly enjoy your work.
From top-tier coaching and personal development budgets to competitive salaries, we take care of everyone who works at Beam.
We’ve already seen incredible growth from our Beam Notes product, helping frontline workers save over 8 hours of admin per week. From social workers and NHS clinicians to mental health practitioners and safeguarding specialists, nearly 100,000 frontline workers across the UK, US and Australia are now using Beam Notes regularly to deliver faster, more human-centred support.
Our customers buy on trust – and this role owns it. As Head of Compliance, you’ll run the operational heart of Beam’s compliance function: a multi-certification portfolio, the privacy practice alongside Legal, and the customer-assurance front line with enterprise and public-sector buyers. This is a hands-on operator’s role – on the audits, the processes, and the buyer conversations.
You’ll join Trust & Safety, reporting to our Chief Information Risk Officer (CIRO) on a deliberately flat team: a Junior Compliance Analyst and three incoming senior hires (Information Security Operations, Management Systems & Risk, and US Compliance Leads). You’ll start as a senior individual contributor with a clear path to building and leading a team as we grow, and you’ll act as the CIRO’s deputy on compliance matters.
What you’ll do
- Own Beam’s certification portfolio end-to-end including ISO 27001, SOC 2 Type II, HIPAA, NHS DSPT, Cyber Essentials, GDPR and more, from planning and evidence to audit liaison and renewals. Three further ISO standards land March 2027; GovRAMP Core is underway in the US.
- Run privacy operations: DSARs to deadline, DPIAs, the ROPA, Article 28 sub-processor governance, and breach assessment.
- Lead customer assurance with enterprise and public-sector buyers (including the NHS), owning security questionnaires, due diligence, and defending Beam’s positions in sales conversations.
- Keep evidence continuously audit-ready in Drata, so audits are controlled, not a scramble.
- Build the runbooks and cross-training that make the practice resilient.
- Deputise for the CIRO on compliance decisions and escalations, setting the standard across Trust & Safety.
What you’ll need
- Personal ownership of a multi-framework certification portfolio in B2B SaaS – ISO 27001 or SOC 2 minimum, ideally with Cyber Essentials and a health or public-sector framework (NHS DSPT, HIPAA). You’ve run audits, evidence, and renewals yourself, not in support.
- Deep working UK GDPR knowledge you can apply without reaching for references – and the judgement to take a defensible customer-facing position fast and explain its legal basis.
- A track record as a calm, credible assurance operator with enterprise and public-sector buyers, holding a proportionate line on out-of-scope demands without damaging the relationship.
Nice to have
A health, social-care, or govtech background, with hands-on Drata (or similar) and customer trust portal experience.
You lead without authority, coordinating work across peer specialists.
US public-sector exposure (GovRAMP/StateRAMP or US state privacy) to support handover to our incoming US Compliance Lead.