Information Security and Compliance Manager

Department: Operations
Employment Type: Full Time
Location: Remote, UK
Compensation: Up to £70,000 / year - Dependent on experience

Description

We are seeking an experienced and proactive Information Security and Compliance Manager to lead our information security, data protection and compliance activities. This role is critical in ensuring that our systems, data and processes are secure, resilient, and compliant with relevant legal and regulatory requirements. You will act as the subject matter expert for information security and compliance, working closely with technical teams, leadership, and external stakeholders to manage risk and promote a strong security culture across the organisation.

Aptem is a rapidly growing remote-first scale-up, so expect a dynamic and fluid environment, with all of the opportunities and challenges this entails. This role will suit a proactive person who thrives on using their initiative, can come up with practical solutions when solving problems and is comfortable with ambiguity. The right candidate will be outcome-focused and adept at managing their own time and priorities to work with impact.

We are a remote-first company, and this role can either be a remote role based within the UK, or hybrid based in our London office.

Key Responsibilities

- Review, develop and maintain Aptem’s compliance and information security framework
- Own and maintain company policies and procedures
- Lead compliance activities, including those aligned with ISO 27001 and 9001
- Conduct risk assessments, audits and gap analyses, and manage remediation plans
- Monitor emerging security threats, regulatory changes, and industry best practices
- Provide regular reporting and recommendations to senior leadership
- Develop and deliver training programmes for employees on security and compliance-related topics
- Serve as the primary point of contact with regulatory bodies and other external organisations
- Incident management, including investigating compliance incidents and breaches, and recommending corrective actions
- Lead initiatives to enhance awareness and commitment to compliance and ethical standards
- Act as Aptem’s Data Protection Officer (DPO)

Desired skills and technical knowledge

- Proven experience in an information security, risk, or compliance management role
- Prior experience as a DPO, ideally within a growing SaaS business
- Strong knowledge of information security standards and regulations (e.g. ISO 27001, GDPR, Cyber Essentials/Cyber Essentials Plus etc.)
- Experience leading audits and compliance certifications
- Strong, professional communication skills across all channels (face-to-face, email, Teams, presentations, calls, etc.)
- Ability to work effectively under pressure and to manage sensitive and confidential information
- Strong project management skills
- Strong problem-solving ability
- Experienced with engaging and managing stakeholders at all levels
- Rigorous focus on quality and process improvement
- Ability to deliver own work to the very highest standards
- Helps others maintain and improve work output quality through continuous feedback and coaching
- Demonstrated track record of implementing process improvements with proven business results
- Demonstrates good personal organisation and close attention to detail
- High ethical standards and integrity

Benefits

- 27 days holiday allowance plus bank holidays, with an additional day off on your birthday!
- Option to take up to 2 days of paid volunteering leave every year.
- Half a day off at the end of the working week during June, July and August.
- Option to purchase up to 5 days of additional leave.
- Company pension scheme.
- Life insurance.
- Private health insurance with Aviva.
- Discounted gym membership.
- Electric vehicle scheme.
- Retail and other discounts.
- Employee Assistance Programme.
- Learning and development budget.
- Regular paid social events throughout the year.