IT, Security & Compliance Manager

About the Company
The company is a leading provider of political intelligence and policy information services. Scaling rapidly across the UK and Europe, the company has launched a comprehensive security and technology framework to protect its information assets, customers, and operations. The team is seeking an experienced, proactive IT, Security & Compliance Manager to own the day-to-day management of IT services, systems security, and incident response.

Role Purpose
The IT, Security & Compliance Manager is responsible for maintaining the security, integrity, and availability of the company's systems and infrastructure. This includes ensuring security policies and technical controls are implemented effectively, monitoring threats, and managing the Helpdesk function for internal users.
The role also involves supporting compliance-related queries from customers, prospects, and external stakeholders, as well as assisting with the completion of security questionnaires, tenders, and RFPs. The manager will proactively partner across the organisation with teams such as Commercial, Finance, and Engineering.
You will help protect the company’s platform, data, and users while contributing to the continuous improvement and maturity of the security and compliance environment.
Key ResponsibilitiesIT Operations

• Manage the day-to-day operation of the company’s IT systems (Microsoft 365, Intune, VPN, AWS environments, etc.)
• Manage user accounts, device security, and application access control
• Provide first-line and second-line Helpdesk support to internal users
• Ensure business continuity and disaster recovery plans are maintained and tested

Cybersecurity Management

• Implement and maintain security policies (e.g., access control, password management, vulnerability management)
• Monitor and respond to cybersecurity threats and incidents
• Oversee system patching, endpoint protection, and network security controls
• Lead periodic penetration tests and vulnerability assessments
• Manage risk assessments and security awareness training programs

Governance, Risk, and Compliance

• Maintain compliance with GDPR (both UK and EU) and emerging best practices
• Conduct regular access reviews and system audits
• Support incident reporting and documentation for regulatory and internal purposes
• Assist with responses to customer and prospect queries relating to compliance, security policies, and infrastructure
• Contribute to the timely and accurate completion of tenders, RFIs, RFPs, and other commercial questionnaires

Projects and Continuous Improvement

• Support IT and security improvement initiatives and systems upgrades
• Advise on secure configuration and design for new systems and projects
• Contribute to future technology strategy, automation, and tooling

Candidate ProfileEssential Skills and Experience

• 4–7 years’ experience in IT operations, cybersecurity, or a similar technical role
• Strong knowledge of cybersecurity best practices, frameworks (ISO 27001, NIST, CIS), and common attack vectors
• Hands-on experience with:
  
  • Microsoft 365, Azure AD / Entra ID, and Intune
  • Endpoint protection tools
  • Cloud security principles (AWS preferred)
  • VPNs, firewalls, and network security
• Solid incident response, troubleshooting, and system administration skills
• Experience implementing technical controls to support security policies

Desirable Skills

• Experience working in a SaaS or fast-growth technology company
• Experience supporting Commercial and Product teams with technical inputs for tenders, RFPs, RFIs, and customer security/compliance questionnaires
• Exposure to DevOps, automation, or scripting
• Security certifications (e.g., CompTIA Security+, SSCP, CISSP, CISM) desirable but not essential
• Experience working alongside a Managed Services Provider

Personal Attributes

• Highly proactive and ownership-driven
• Calm under pressure, with good judgment in urgent situations
• Comfortable working independently and collaboratively
• A clear and confident communicator
• Strong attention to detail and problem-solving mindset

We encourage applicants from all backgrounds, so if there is anything we can do to make our recruitment processes better for you and to allow you to show your best self, let us know. We also understand that some people require extra time to complete assessments, require alternative application methods and can also benefit from having interview questions or a guide to the type of questions pre-interview. We are open to any suggestions or requests that you may have and are always looking for creative ways to assess talent. Our commitment to you is that you should always feel safe and secure when you’re working with us. Futureheads is a B Corp accredited digital recruitment agency based in London. We specialise in recruiting permanent, contract and freelance digital and tech professionals in creative, data, design, digital marketing, engineering, product, project and programme management, UX and service design jobs.