At a Glance
- Tasks: Manage security compliance and assurance while driving innovative AI governance.
- Company: Join Infinity, a leading tech company revolutionising call intelligence and AI insights.
- Benefits: Enjoy a 4.5-day work week, generous holiday, and health benefits.
- Other info: Be part of a diverse team that values collaboration and continuous learning.
- Why this job: Shape the future of security in an AI-driven environment with real impact.
- Qualifications: Experience in ISO 27001, PCI-DSS, and GDPR compliance is essential.
The predicted salary is between 60000 - 80000 € per year.
Salary: Dependent on Experience
Location: Flexible: Reigate or Manchester area
Job type: Full time
Working Pattern: 2 days per week onsite | 4.5 day working week (Half day Fridays)
About Infinity
We are building the next generation of call intelligence and AI-driven insight platforms. Over the next three years, our focus is on evolving from a strong analytics foundation into an outcome-driven, API-first platform that embeds intelligence directly into customer workflows. This is an opportunity to join us at a pivotal stage. You’ll help shape both how we build and what we build, working on systems that process high-volume, high-value data and increasingly leverage AI and automation to deliver measurable customer and business outcomes. We value pragmatic engineering, clear thinking, and continuous learning. Our teams are small, autonomous, and outcome-focused, with a strong emphasis on quality, ownership, and collaboration. We are entering our next growth phase - investing in AI-powered platform scalability, operational excellence and maturity, and cost-efficient growth to support our long‑term strategy and enterprise ambitions.
The Role
- ISMS Management & Continual Improvement
- Own the day-to-day operation and maintenance of Infinity’s Information Security Management System (ISMS), ensuring documentation remains current, accurate, and audit-ready as the organisation evolves.
- Conduct a structured review of Infinity’s compliance posture against ISO 27001:2022, building on our existing certification to ensure controls remain robust, current, and continuously improving.
- Maintain and evolve the risk register, asset register, and control framework – ensuring they reflect the real state of the organisation and are not treated as point-in-time artefacts.
- Drive the internal audit programme and coordinate external certification audits, acting as the primary point of contact for our certification body.
- Ensure policies, procedures, and supporting documentation remain fit for purpose as the organisation evolves.
- PCI‑DSS & Regulatory Compliance
- Own operational compliance with PCI‑DSS v4.0.1 – coordinating evidence, managing the relationship with our QSA, and ensuring controls remain effective between audit cycles.
- Maintain working knowledge of GDPR and ICO obligations as they apply to Infinity’s data practices.
- Monitor the evolving regulatory landscape – including NIS2 and future SOC 2 scope.
- Security Operations & Assurance
- Partner with the Head of DevOps to drive Infinity’s move toward continuous penetration testing.
- Own the InfoSec request process – responding to client and prospect security questionnaires, due diligence requests, and vendor assessments.
- Maintain oversight of security tooling and controls.
- Support incident response processes – maintaining the incident response plan and coordinating tabletop exercises.
- Reporting & Visibility
- Produce regular security and compliance reporting for the CTO and senior leadership.
- Build and maintain the metrics and dashboards that make security posture visible and meaningful.
- Represent Infinity’s security and compliance credentials credibly in commercial conversations.
- AI Governance & Emerging Obligations
- Partner with the Head of AI Platform & Applied Intelligence on AI governance requirements.
- Ensure security and compliance considerations are embedded in the design of new AI features and platform capabilities.
- AI-Augmented Security & Compliance
- Actively adopt and champion the use of AI tooling to improve the efficiency and effectiveness of security and compliance operations.
- Stay current with how AI is reshaping the compliance and security landscape.
About You – Essential
- Solid working knowledge of ISO 27001.
- Practical understanding of PCI‑DSS and GDPR as they apply in a B2B SaaS context.
- A detail‑oriented, ownership-driven approach.
- Strong written communication skills.
- The organisational capability to maintain multiple workstreams simultaneously.
- Comfortable working as an individual contributor with broad organisational reach.
Highly Desirable
- Experience responding to enterprise InfoSec questionnaires.
- Familiarity with continuous penetration testing approaches and programmes.
- Working knowledge of NIS2 and SOC 2.
- Exposure to AI governance frameworks.
- Experience working within a cloud-native environment.
- Relevant professional qualifications – CISSP, CISM, ISO 27001 Lead Auditor or Implementer, or equivalent.
Benefits You Can Enjoy
- 4.5 day working week (Half day every Friday – 1pm finish).
- 25 days holiday (with the option to buy up to an additional 5 days per year).
- Private single medical insurance.
- Employee Assistance Programme.
- Life Assurance (4x Salary).
- Enhanced Maternity and Paternity Pay.
- Tech Scheme Loan (of up to £2,000 per year).
- Ride to Work Scheme.
- Season Ticket Loan.
- Dedicated annual company and team social budget.
At Infinity, our aim is to be the best call tracking provider in the world and to do that we welcome our employees with open arms and create an environment where you can bring your best self, every day! We're an equal opportunities employer.
Security, Compliance & Assurance Manager in Reigate employer: Infinity
Infinity is an exceptional employer that fosters a collaborative and innovative work culture, allowing employees to thrive in their roles while contributing to the evolution of AI-driven platforms. With a flexible working environment, a 4.5-day work week, and a strong emphasis on employee well-being through comprehensive benefits, including private medical insurance and generous holiday allowances, Infinity prioritises both personal and professional growth. Join us in shaping the future of call intelligence, where your contributions will be valued and your career can flourish.
StudySmarter Expert Advice🤫
We think this is how you could land Security, Compliance & Assurance Manager in Reigate
✨Tip Number 1
Network like a pro! Reach out to people in your industry on LinkedIn or at events. A friendly chat can lead to opportunities that aren’t even advertised yet.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Tailor your answers to show how you fit into their vision, especially around security and compliance.
✨Tip Number 3
Practice makes perfect! Do mock interviews with friends or use online platforms. The more comfortable you are, the better you’ll perform when it counts.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love hearing from passionate candidates!
We think you need these skills to ace Security, Compliance & Assurance Manager in Reigate
Some tips for your application 🫡
Tailor Your Application:Make sure to customise your CV and cover letter to highlight your experience with ISO 27001, PCI-DSS, and GDPR. We want to see how your skills align with our needs, so don’t be shy about showcasing relevant projects!
Show Off Your Communication Skills:Since strong written communication is key for this role, ensure your application is clear and well-structured. Use bullet points where necessary and keep it concise. We love a good, easy-to-read application!
Demonstrate Your Ownership Mindset:We’re looking for someone who takes personal responsibility for their work. In your application, share examples of how you’ve managed multiple projects or audits without losing track. Show us you can juggle tasks like a pro!
Apply Through Our Website:Don’t forget to submit your application through our website! It’s the best way for us to receive your details and ensures you’re considered for the role. Plus, we love seeing applications come in directly from interested candidates!
How to prepare for a job interview at Infinity
✨Know Your Standards
Make sure you have a solid understanding of ISO 27001 and PCI-DSS. Brush up on the specifics of these standards, as you'll likely be asked how you've applied them in past roles. Being able to discuss your hands-on experience with maintaining an ISMS will definitely set you apart.
✨Showcase Your Detail Orientation
This role requires a detail-oriented approach, so prepare examples that demonstrate your ability to manage multiple workstreams without losing track. Think about times when you successfully handled audits or compliance requests while keeping everything organised and accurate.
✨Communicate Clearly
Strong written communication skills are essential. Be ready to share examples of reports or policies you've created. Practise explaining complex security concepts in simple terms, as you may need to communicate with various audiences, from technical teams to senior leadership.
✨Stay Ahead of AI Trends
With AI being a key focus for Infinity, show your enthusiasm for how AI is reshaping security and compliance. Familiarise yourself with current AI governance frameworks and be prepared to discuss how you can leverage AI tools to enhance security operations.
