Background:

Agilio Software Group is the UK’s largest provider of back office, compliance, and workforce solutions in primary care and dental.
We have ambitious and exciting growth plans and are looking for talented individuals to be part of our journey.

The role:

We are recruiting for a Compliance & Information Security Manager to maintain and enhance the company’s compliance and information security posture. You will manage certifications, audits, and governance activities, ensuring ongoing compliance with ISO 27001, PCI-DSS, Cyber Essentials Plus, GDPR, and other relevant standards and regulations.

Key Responsibilities:

Compliance & Governance

• Maintain and improve the ISMS in line with ISO 27001.
• Oversee Cyber Essentials Plus certification and ensure compliance with PCI-DSS and NHS DSP Toolkit standards.
• Act as Data Protection Officer (DPO) for GDPR compliance, including managing ICO registrations and updates (approx. 30 registrations).
• Support Subject Access Requests (SARs) and Data Protection Impact Assessments (DPIAs) for customers.
• Coordinate responses to customer security questionnaires and due diligence requests.
• Support incident response investigations and post-incident reviews.

Risk & Audit Management

• Maintain risk registers and compliance documentation, tracking remedial actions, reporting key risks to senior management.
• Plan and execute internal and manage external audits, penetration tests, and vulnerability assessments.
• Manage security ratings and ensure scores remain above agreed thresholds.

Security Operations & Tools

• Administer and optimise security tools and platforms including Eramba, Nessus, Defect Dojo, uSecure & iComply.
• Ensure and track continuous improvements of the security and data protection processes, policies and documentation.
• Monitor and report on compliance performance metrics.

Training & Awareness

• Deliver and manage security awareness programmes across the organisation.
• Maintain and update training content using platforms such as uSecure.
• Committee & Governance Meetings
• Facilitate quarterly meetings for the Physical Security, Risk, and Information Security Steering Committees.

Additional Responsibilities

• Reporting on cookie compliance across all sites and products
• Stay updated on regulatory changes and emerging security threats.
• Collaborate with IT, Engineering and Product teams to embed secure-by-design practices in development and operations.

The skills and experience which we are looking for in a Compliance & Information Security Manager are:

Essential

• Hands-on experience managing or supporting ISO 27001 and Cyber Essentials Plus certifications.
• Working knowledge of PCI-DSS, GDPR, and general data protection principles.
• Experience coordinating audits and maintaining compliance documentation.
• Strong organisational skills with attention to detail and ability to manage multiple projects.
• Excellent communication and stakeholder management skills across business units.

Additional Information

Job type: Home-based with occasional travel to company offices and suppliers.
Occasional out-of-hours work may be required to meet business needs.

Salary: Competitive salary and generous benefits
Income Protection
Life Assurance
Enhanced pension
Health Cash plan
28 days annual leave + bank holidays
Sick pay scheme
A range of flexible benefits available through our Agilio Flex portal

If you feel you have what it takes to join our team, we look forward to receiving your application!

If you are interested in applying, please email your CV along with a covering letter to central.people@agiliosoftware.com