Compliance & Information Security Manager

Background:
Agilio Software Group is the UK's largest provider of back-office, compliance, and workforce solutions in primary care and dental. We have ambitious and exciting growth plans and are looking for talented individuals to join us on this journey.

The Compliance & Information Security Manager Role:
We are recruiting for a Compliance & Information Security Manager to maintain and enhance the company's compliance and information security posture. You will manage certifications, audits, and governance activities, ensuring ongoing compliance with ISO 27001, PCI-DSS, Cyber Essentials Plus, GDPR, and other relevant standards and regulations.

Home-based with occasional travel to company offices and suppliers.

Compliance & Information Security Manager Key Responsibilities:

Compliance & Governance

  • Maintain and improve the ISMS in line with ISO 27001.
  • Oversee Cyber Essentials Plus certification and ensure compliance with PCI-DSS and NHS DSP Toolkit standards.
  • Act as Data Protection Officer (DPO) for GDPR compliance, including managing ICO registrations and updates (approx. 30 registrations).
  • Support Subject Access Requests (SARs) and Data Protection Impact Assessments (DPIAs) for customers.
  • Coordinate responses to customer security questionnaires and due diligence requests.
  • Support incident response investigations and post-incident reviews.

Risk & Audit Management

  • Maintain risk registers and compliance documentation, track remedial actions, and report key risks to senior management.
  • Plan and execute internal audits, and manage external audits, penetration tests, and vulnerability assessments.
  • Manage security ratings and ensure scores remain above agreed thresholds.

Security Operations & Tools

  • Administer and optimise security tools and platforms including Eramba, Nessus, Defect Dojo, uSecure & iComply.
  • Ensure and track continuous improvements of the security and data protection processes, policies and documentation.
  • Monitor and report on compliance performance metrics.

Training & Awareness

  • Deliver and manage security awareness programmes across the organisation.
  • Maintain and update training content using platforms such as uSecure.

Committee & Governance Meetings

  • Facilitate quarterly meetings for the Physical Security, Risk, and Information Security Steering Committees.

Additional Responsibilities

  • Report on cookie compliance across all sites and products.
  • Stay updated on regulatory changes and emerging security threats.
  • Collaborate with IT, Engineering and Product teams to embed secure-by-design practices in development and operations.

Compliance & Information Security Manager Essential Experience & Skills:

  • Hands-on experience managing or supporting ISO 27001 and Cyber Essentials Plus certifications.
  • Working knowledge of PCI-DSS, GDPR, and general data protection principles.
  • Experience coordinating audits and maintaining compliance documentation.
  • Strong organisational skills with attention to detail and ability to manage multiple projects.
  • Excellent communication and stakeholder management skills across business units.

If you feel you have what it takes to join our team, we look forward to receiving your application!

Job Details

Company
Agilio Software Bidco Limited
Location
United Kingdom
Hybrid / Remote Options
Employment Type
Permanent