Compliance & Information Security Manager in Edinburgh

Edinburgh | Full-Time | 36000 - 60000 £ / year (est.) | Home office (partial)
Quorum Cyber

At a Glance

  • Tasks: Lead and enhance our information security and compliance framework to protect against cyber threats.
  • Company: Join one of the fastest growing cyber security firms in the UK and North America.
  • Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
  • Why this job: Make a real impact in cybersecurity while fostering a culture of security awareness.
  • Qualifications: Strong knowledge of information security frameworks and regulatory compliance.
  • Other info: Dynamic team environment with a focus on innovation and collaboration.

The predicted salary is between 36000 and 60000 £ per year.

At Quorum Cyber, we are on a mission to help good people win. Founded in Edinburgh in 2016, we are one of the fastest growing cyber security companies in the UK and North America, serving over 400 customers on four continents. We protect organisations against the rising threat of cyber-attacks, enabling them to thrive in an increasingly unpredictable and inhospitable digital landscape.

The Compliance & Information Security Manager is responsible for establishing, maintaining, and continuously improving Quorum Cyber's information security posture and regulatory compliance framework. This role serves as the cornerstone of our security governance, ensuring that our cybersecurity services business operates with the highest standards of security and compliance while enabling business growth and client trust. The position requires a strategic leader who can translate complex regulatory requirements into practical, business-enabling security controls while fostering a culture of security awareness throughout the organisation.

What I Do Is

  • Strategic Security Leadership
    • Develop and implement comprehensive information security policies, procedures, and standards aligned with industry best practices and regulatory requirements.
    • Design and maintain the organisation's security governance framework, ensuring clear accountability and oversight mechanisms.
    • Lead security risk assessments and vulnerability management programs, prioritising remediation efforts based on business impact.
    • Collaborate with senior leadership to integrate security considerations into business strategy and decision-making processes.
  • Compliance Management
    • Establish and maintain compliance programs for relevant frameworks including ISO 27001, SOC 2, GDPR, PCI DSS, CE+ and industry-specific regulations.
    • Coordinate internal and external audits, managing remediation activities and ensuring timely closure of findings.
    • Monitor regulatory changes and assess their impact on business operations, implementing necessary adjustments to maintain compliance.
    • Develop and maintain compliance documentation, evidence collection processes, and reporting mechanisms.
  • Operational Security Excellence
    • Oversee security incident response processes, ensuring rapid detection, containment, and recovery from security events.
    • Manage security awareness training programs, creating a security-conscious culture across all organizational levels.
    • Coordinate with IT teams to ensure secure system configurations, patch management, and access controls.
  • Stakeholder Engagement
    • Serve as the primary point of contact for clients, auditors, and regulatory bodies on security and compliance matters.
    • Collaborate with sales and delivery teams to support client security requirements and RFP responses.
    • Provide regular security and compliance reporting to executive leadership and board members.
    • Build and maintain relationships with external security partners, vendors, and industry peers.

The Skills I Need Are

  • Technical Expertise
    • Deep understanding of information security frameworks (NIST, ISO 27001, SOC2, CMMC, CIS Controls).
    • Proficiency in security technologies including SIEM, vulnerability management, endpoint protection, and network security.
    • Knowledge of cloud security principles and practices across major platforms (AWS, Azure, GCP).
    • Understanding of security architecture principles and secure software development practices.
    • Experience with security assessment tools and methodologies.
  • Compliance & Regulatory Knowledge
    • Extensive experience with regulatory frameworks relevant to cybersecurity services (GDPR, SOC 2, ISO 27001, PCI DSS, CMMC).
    • Understanding of audit processes and evidence collection requirements.
    • Knowledge of data protection laws and cross-border data.

Compliance & Information Security Manager in Edinburgh employer: Quorum Cyber

Quorum Cyber is an exceptional employer, offering a dynamic work environment in the heart of Edinburgh, where innovation meets security excellence. With a strong focus on employee growth and development, we provide comprehensive training opportunities and foster a culture of collaboration and security awareness. As a rapidly growing leader in the cyber security sector, we empower our team members to make a meaningful impact while enjoying the benefits of working with cutting-edge technology and a diverse client base across the globe.

Contact Detail:

Quorum Cyber Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Compliance & Information Security Manager in Edinburgh

✨Tip Number 1

Network like a pro! Get out there and connect with folks in the cyber security field. Attend industry events, webinars, or even local meetups. The more people you know, the better your chances of landing that Compliance & Information Security Manager role.

✨Tip Number 2

Show off your expertise! When you get the chance to chat with potential employers, don’t hold back on sharing your knowledge about information security frameworks and compliance regulations. Let them see how you can bring value to their team.

✨Tip Number 3

Tailor your approach! Research Quorum Cyber and understand their mission and values. When you apply through our website, make sure to highlight how your skills align with their goals in protecting organisations against cyber threats.

✨Tip Number 4

Follow up after interviews! A quick thank-you email can go a long way. It shows your enthusiasm for the role and keeps you fresh in their minds. Plus, it’s a great opportunity to reiterate why you’re the perfect fit for the Compliance & Information Security Manager position.

We think you need these skills to ace Compliance & Information Security Manager in Edinburgh

Information Security Management
Regulatory Compliance
ISO 27001
SOC 2
GDPR
PCI DSS
Security Governance Framework
Risk Assessment
Vulnerability Management
Security Incident Response
Security Awareness Training
Cloud Security Principles
Security Technologies (SIEM, Endpoint Protection, Network Security)
Audit Processes
Stakeholder Engagement

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Compliance & Information Security Manager role. Highlight your experience with information security frameworks and compliance management, as these are key for us at Quorum Cyber.

Craft a Compelling Cover Letter: Your cover letter should tell us why you're passionate about cybersecurity and how your skills align with our mission. Share specific examples of how you've implemented security policies or managed compliance in previous roles.

Showcase Your Technical Skills: We want to see your technical expertise shine through! Mention any relevant certifications or tools you’ve worked with, especially those related to NIST, ISO 27001, or cloud security. This will help us understand your fit for the role.

Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows us you’re keen on joining our team!

How to prepare for a job interview at Quorum Cyber

✨Know Your Frameworks

Make sure you brush up on your knowledge of information security frameworks like ISO 27001, SOC 2, and GDPR. Be ready to discuss how you've applied these in past roles or how you would implement them at Quorum Cyber.

✨Showcase Your Strategic Thinking

Prepare examples that demonstrate your ability to translate complex regulatory requirements into practical security controls. Think about times when you've led security initiatives that not only met compliance but also supported business growth.

✨Engage with Real Scenarios

Be ready to discuss specific incidents you've managed or risk assessments you've conducted. Quorum Cyber values operational excellence, so showcasing your hands-on experience with incident response will set you apart.

✨Build Relationships

Highlight your experience in stakeholder engagement. Talk about how you've collaborated with clients, auditors, and internal teams to foster a culture of security awareness and ensure compliance. This role is all about communication, so show them you're a team player!
