Information Security Compliance Manager

We believe transformation doesn't happen in a vacuum. It happens when smart people partner with customers, bring clarity to messy environments, and turn complexity into confident decisions.

At Orbus Software, we help some of the world's most sophisticated organizations understand their business inside and out. Our platform connects strategy to execution, IT to the business, and transformation goals to measurable results. When leaders need to modernize, integrate, or re‑shape how their enterprise works, we help them do it with precision and pace.

Our customers span industries and continents. We work side by side with global enterprises, public institutions, and fast‑moving innovators. That might mean guiding a Fortune 500 through a complex merger, helping a bank streamline its architecture, or enabling a healthcare provider to move faster without breaking what already works. The pattern is the same. We earn trust, we solve real problems, and we leave customers in a better place than we found them.

Information Security is central to how we deliver that value. Our security teams do not simply enforce controls. They anticipate risk, enable the business, and design safeguards that let customers move faster with confidence. You will partner closely with Product, Engineering, IT, Legal, Customer Success, and key technology partners to shape secure architectures, embed security into how our solutions are built and operated, and guide customers through assessments, certifications, and ongoing assurance.

If you are energized by defending complex cloud platforms, curious about how large organizations manage risk, and driven to make customers measurably safer and stronger, you will thrive here.

Orbus Software is strengthening its global security and compliance posture as we expand into highly regulated markets, including the US federal sector. With FedRAMP In Process and a growing portfolio of certifications, we are investing in security and compliance as a core business capability, not a checkbox exercise.

We are seeking a hands‑on Information Security Compliance Manager to join our team. This role is key in ensuring Orbus Software maintains continuous compliance with major security frameworks, specifically ISO27001, IRAP, FedRAMP, and SOC 2 Type II. You will be the subject–matter expert and primary point of contact for all compliance‑related activities, both internally and with external auditors.

This is a rare opportunity to build and mature a modern compliance program that keeps pace with a fast‑growing SaaS business. You will shape our control environment, drive certification and recertification efforts, formalise operating rhythms for audits and assessments, and translate regulatory expectations into clear, pragmatic practices for teams across Orbus.

This role is based in London, with in‑office collaboration two to three times per week. Candidates must already be located in the London area. Relocation support is not available for this position.

• Act as the primary owner for Orbus Software's information security compliance program across ISO27001, IRAP, FedRAMP, and SOC 2 Type II, ensuring we stay continuously audit‑ready
• Maintain and improve our compliance posture by defining controls, monitoring effectiveness, and driving the activities required for certification, recertification, and ongoing assessments
• Plan and conduct regular internal audits to verify adherence to security controls and compliance requirements, identify gaps, recommend remediation, and track actions through to closure
• Coordinate external audits end to end, serving as the main point of contact for third‑party auditors, managing evidence collection, and ensuring timely and accurate responses
• Develop, review, and maintain security policies, standards, procedures, and supporting documentation so they reflect both current frameworks and how the business actually operates
• Lead the information security risk management process, including risk identification, assessment, treatment planning, and reporting, while maintaining a clear and current risk register for leadership
• Partner closely with Product, Engineering, IT, Legal, and other business units to embed required controls into day‑to‑day operations and provide practical guidance and training where needed
• Identify and drive improvements to security and compliance processes, tooling, and ways of working, helping to build a culture of accountability and continuous improvement across the organisation

• Proven experience in information security compliance within a SaaS or software environment
• Direct, hands‑on experience with ISO27001 and SOC 2 Type II, with additional exposure to IRAP and FedRAMP a strong advantage
• Strong knowledge of security controls, audit processes, and risk management, including running internal audits and supporting external ones
• Clear, confident communication skills, with the ability to explain requirements and trade‑offs to both technical and non‑technical stakeholders
• A detail‑oriented, organised, and proactive working style, with the ability to operate independently and follow through on actions
• Relevant certifications such as CISM, CISA, CISSP, or ISO27001 Lead Auditor or Implementer (or clear progress toward them)

Headquartered in London, Orbus Software serves clients across finance, healthcare, government, and technology, with a strong and growing presence in North America, Europe, and Asia.

In 2024 and 2025, we were named a Leader in the Gartner® Magic Quadrant™ for Enterprise Architecture Tools.

If you are curious, motivated, and ready to grow with a team that values clarity, collaboration, and purpose, we would love to meet you.

Generous time off: Everyone gets at least 25 days of paid annual leave. Rest is not a reward. It is a prerequisite for high performance.

Future‑focused support: We offer retirement and insurance plans tailored by region, including health, life, and disability coverage.

Flexibility that works: Our hybrid model gives you the best of both worlds. You'll spend 2 to 3 days a week collaborating in our city‑centre hubs in London, New York, Katowice or Sydney, with the rest of the week working where you do your best thinking.

Support for every life stage: Whether you're raising a family, caring for a loved one, or planning what's next, we provide flexible schedules, paid family leave, and resources to help you balance work and life with confidence.

We don't believe in perks for show. Everything we offer is built to help you grow, stay well, and do meaningful work over the long term.

Offers of employment will be dependent on satisfactory references and background checks.

Department Information Technology & Security Locations London, United Kingdom Remote status Hybrid Employment type Full‑time