Job Description

Job Title: Security and Compliance Manager

Salary: £70,000-£100,000 + Benefits

Location: UK - Remote

Industry: AI + Consultancy

This role offers an unparalleled chance to lead and shape the strategic direction of information security, quality management, AI governance, and data privacy. The successful candidate will be at the forefront of ensuring the organisation's adherence to the highest standards, driving both internal and external trust.

Key Responsibilities:

- Strategic Leadership: Develop, implement, and continuously refine strategies for information security (ISO 27001), quality management (ISO 9001), AI governance (informed by ISO 42001 principles), and data privacy (e.g., GDPR, DPA), ensuring these align seamlessly with business objectives.

- ISO &Compliance Framework Management: Lead the design, implementation, maintenance, and auditing of an integrated management system. Serve as the primary contact for certification bodies and spearhead all audit activities.

- Information Security Officer (ISO Role): Oversee the organisation's security posture, policies, risk management, and incident response, providing technically credible input.

- AI Governance Lead: Manage the implementation and operation of AI governance, ensuring responsible AI practices.

- Data Privacy Oversight: Ensure compliance with relevant data privacy regulations across the organisation.- Sales Enablement: Act as a senior subject matter expert supporting enterprise sales; oversee security questionnaires, participate in due diligence, and build client trust.

- Process and Documentation: Develop and drive the adoption of efficient policies, procedures, and templates, leveraging automation, GRC tooling, and AI where feasible.- Governance and Reporting: Establish and manage governance structures, reporting on key metrics, risks, and programme status.

- Cross-Functional Collaboration: Work closely with Engineering, Product, Legal, HR, and other departments to embed security, privacy, and AI governance into their processes.

- Vendor Risk Management: Oversee the assessment and management of third-party risks, including the review of relevant SOWs/contracts.

- MDM Policy & Oversight: Define and oversee policies related to Mobile Device Management.

- Training and Awareness: Develop and deliver comprehensive training programmes to embed security, privacy, and AI governance awareness across the organisation.Skills and

Experience Required:

- Extensive experience in information security, quality management, AI governance, and data privacy.

- Proven track record in leading ISO and compliance framework management.

- Strong understanding of ISO 27001, ISO 9001, ISO 42001 principles, GDPR, and DPA.

-Demonstrated ability to develop and implement strategic initiatives.

- Excellent communication and collaboration skills, with the ability to work cross-functionally.

- Experience in vendor risk management and mobile device management.

- Proficiency in leveraging automation and GRC tooling to streamline processes.

- Strong leadership and training capabilities.