Compass Education

Head of Compliance

🇦🇺 Sydney, AU Híbrido Finanzas, legal y compliance Jornada completa Lead Publicado Abr 20, 2026

Solicitar

UbicaciónSydney, AU

ModalidadHíbrido

ContratoJornada completa

SeniorityLead

CategoríaFinanzas, legal y compliance

Publicado20 de abril de 2026

Última verificación7 de mayo de 2026

Come shape the future of education and how we scale it safely.

At Compass, we’re on a mission to transform the school day for everyone - from staff and students to families and administrators. We build smart, seamless technology that empowers schools to focus on what really matters: learning, growing and thriving.

As Australia’s leading K–12 school management platform, Compass supports thousands of schools and is expanding across the UK and Ireland. Compass is at an exciting inflection point - scaling its product, its team and its compliance obligations in parallel.

We’re now looking for a Head of Compliance to join our team.

About the Role

Reporting to the Chief Financial Officer, this is a newly created, hands-on, standalone role - it is an opportunity to build a structured compliance function from the ground up, working alongside a pragmatic in-house legal function in a high-growth SaaS environment.

The role spans three core domains: enterprise risk and governance, information security (ISO 27001), and multi-jurisdictional regulatory compliance across Australia, the UK, and Ireland, with oversight of operational and third-party compliance (including payment ecosystems).

What you'll do

Operational & Third-Party Compliance

Oversee compliance across payment operations, third-party providers and key commercial partners.
Establish and standardise onboarding, compliance requirements and documentation processes.
Lead external compliance audits and act as the primary liaison with partners and assessors.
Identify and implement process improvements and automation to improve efficiency and reduce manual effort.

Information Security & Data Compliance

Lead ISO 27001 certification and ongoing ISMS maintenance across Australian and international entities.
Own audit preparation, evidence gathering and control documentation, driving a shift to continuous audit readiness.
Manage risk assessments and maintain the risk register, escalating material findings where required.
Support expansion into the UK and Ireland, ensuring alignment with GDPR, UK GDPR and NIS2.
Partner with Product and Engineering to embed security and compliance-by-design principles.
Oversee alignment with PCI-DSS and other relevant data security standards.

Regulatory Compliance & Policy Frameworks

Provide compliance input into new products, commercial initiatives and customer contracts.
Develop, maintain and embed compliance policies and procedures across the organisation.
Deliver training and awareness programs across privacy, information security and payments.
Monitor regulatory developments (ASIC, APRA, OAIC, ICO, CBI) and advise on required actions.

Risk & Governance

Establish and maintain a compliance monitoring and assurance program.
Drive a culture of proactive risk identification and accountability.
Maintain and report on the compliance risk register to the General Counsel, CFO and Board.
Build relationships with regulators and key external partners.
Support Legal on complex or high-risk compliance matters, escalating clearly and early.