Description:

Background: Agilio Software Group is the UK's largest provider of back-office, compliance, and workforce solutions in primary care and dental. We have ambitious and exciting growth plans and are looking for talented individuals to join us on this journey.

The Role: We are recruiting for a Compliance & Information Security Manager to maintain and enhance the company's compliance and information security posture. You will manage certifications, audits, and governance activities, ensuring ongoing compliance with ISO 27001, PCI-DSS, Cyber Essentials Plus, GDPR, and other relevant standards and regulations. Home-based with occasional travel to company offices and suppliers.

Key Responsibilities:

Information Security Management
- Maintain and improve the company's Information Security Management System (ISMS) in line with ISO 27001.
- Oversee annual Cyber Essentials Plus certification and ensure ongoing compliance.
- Support internal and external security audits, assessments, and penetration tests.
- Manage security awareness training and internal communication of security policies.
- Maintain risk registers, track remedial actions, and report key risks to senior management.

Compliance & Governance
- Act as the company's Data Protection Officer (DPO), managing data protection compliance and incident reporting under UK GDPR.
- Ensure compliance with PCI-DSS and the NHS DSP Toolkit, coordinating with relevant teams and suppliers.
- Maintain documentation, policies, and procedures for compliance frameworks.
- Coordinate responses to customer security questionnaires and due-diligence requests.
- Monitor and report on compliance performance metrics.

Collaboration & Continuous Improvement
- Work with IT, Engineering, and Product teams to embed secure-by-design practices.
- Support incident response investigations and post-incident reviews.
- Recommend and track improvements to information security and data protection practices.
- Stay informed on relevant regulatory updates and industry trends.

Essential Experience & Skills:
- Hands-on experience managing or supporting ISO 27001 and Cyber Essentials Plus certifications.
- Working knowledge of PCI-DSS, GDPR, and general data protection principles.
- Experience coordinating audits and maintaining compliance documentation.
- Strong organisational skills with attention to detail and ability to manage multiple projects.
- Excellent communication and stakeholder management skills across business units.

If you feel you have what it takes to join our team, we look forward to receiving your application!