Information Security & Compliance Manager - #145335

myairops


Date: 4 days ago
City: Farnborough
Contract type: Full time

Position: Information Security & Compliance Manager

Location: Farnborough HQ (Hybrid schedule, 3 days a week in office)

Type: Permanent


About us:


myairops is a leader of SaaS products to the aviation industry. We have customers across the globe with diverse challenges including corporate flight departments, brokers, medical providers, military and business aviation operators. Our goal is to bring everything that aircraft operators need into a single customer-focused suite of products. Whether you are focused on flight operations, charter-sales brokering, aircraft management, continuing airworthiness, operating an airport or fixed base operation, or provide ground handling services, our platform has a solution. Solutions are provided through innovative web delivered software and connected mobile applications.


About the role:

We’re looking for a hands-on Information Security & Compliance Manager to take ownership of cyber security and data privacy across myairops. This role balances strategic oversight with practical, day-to-day security operations. You’ll be central to maintaining our SOC 2 Type II accreditation, managing third-party relationships, and ensuring our products and cloud infrastructure are secure, resilient, and compliant.


In this role, you will have the unique opportunity to lead our SOC2 audit activities, perform risk management reviews, and drive our vulnerability management program in alignment with industry best practices. Your keen eye for detail and exceptional problem-solving skills will be invaluable in analysing alerts from our monitoring platform and recommending necessary configuration changes and enhancements.


We are looking for a self-motivated individual with excellent communication and teamwork abilities, as you will collaborate extensively with cross-functional teams to achieve our security objectives. Your strong attention to detail, process-oriented mindset, and ability to meet deadlines with minimal supervision will be key to your success in this role.


Primary Responsibilities include, but are not limited to:


  • Lead security operations across our product and cloud environment (Azure), working closely with DevOps and engineering to ensure security best practices are followed.
  • Manage external relationships with security providers, including penetration testers and SOC 2 Type II auditors.
  • Own the SOC 2 audit process, coordinating internal preparation, evidence collection, and communication with auditors to ensure compliance is maintained.
  • Respond to customer security questionnaires, due diligence requests, and collaborate with sales and customer success to support commercial activities.
  • Oversee and maintain our public security and compliance portal: https://trust.myairops.com.
  • Conduct technical audits, regular internal reviews, and assess controls against internal policies and external standards.
  • Translate audit findings and test results into clear, actionable tasks for the engineering and DevOps teams.
  • Perform vendor security assessments, managing risk across our supply chain.
  • Manage vulnerability and patch management, ensuring critical software libraries are kept up to date.
  • Enforce security policies, particularly regarding open-source software and licensing compliance.
  • Plan and lead annual Business Continuity and Disaster Recovery tests, reporting outcomes and driving improvements.
  • Evaluate and configure Azure security tooling, including firewall, DDoS, and WAF services.
  • Contribute to governance processes, reviewing change requests for potential impact on security, privacy, and service availability.
  • Collaborate with the Group CIO and DPO, contributing to wider organisational security and data privacy initiatives.


Skills, Qualifications and Experience required:


  • 4+ years of experience in a similar role.
  • Must currently hold or be able to hold UK Security Clearance to SC level or higher.
  • A solid background in cyber or information security, with hands-on experience in cloud environments (ideally Azure).
  • Experience of successfully achieving ISO27001 or preferably SOC2 Type 2.
  • A pragmatic communicator who can bridge the gap between technical teams and auditors/customers.
  • Experience conducting or managing penetration tests and security audits.
  • Strong understanding of application security, cloud infrastructure, and DevOps practices.
  • Ability to assess risk and prioritise security tasks in a fast-paced environment.
  • Experience working with trust and compliance platforms is a bonus.
  • Awareness of industry frameworks, such as NCSC Cyber Assessment Framework, Cyber Essentials Plus and OWASP.
  • Experience interacting with customer security and data privacy teams.
  • Knowledge of PCI-DSS


Benefits include:


  • Hybrid Working Policy
  • Competitive Salary
  • Group Pension Scheme – up to 5% contributions matched
  • Comprehensive Life Assurance
  • Comprehensive Income Protection
  • Comprehensive Travel Insurance
  • Private Healthcare (after probation)
  • Free Car Parking
  • Discounts at popular retailers


Due to the volume of applications received, only candidates selected for interview will be contacted. If you do not hear from us within 20 working days then your application has been unsuccessful on this occasion.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Audit Senior

Menzies LLP, Farnborough
1 week ago
Menzies is an equal opportunities employer which means that we recruit, employ, train, pay, and promote regardless of race, religion, national origin, gender, sexual orientation, disability or age. We are building a first-class team and, to do so, we know that we need a diverse mix of talented people doing their best work. Are you an ambitious either soon to...

Senior Staff RFIC Design Engineer

Qualcomm, Farnborough
2 weeks ago
Company Qualcomm Technologies International Ltd Job Area Engineering Group, Engineering Group > ASICS Engineering General Summary We are searching for a Senior Staff level radio frequency integrated circuit (RFIC)/Analogue design engineer to join a strong group of RFIC designers to help lead Qualcomm in the development of RF transceivers to address the IoT market. Working within a dynamic design team...

Distribution Channel Marketing Manager – EUR (m,f,d)

Molex, Farnborough
3 weeks ago
Your Job We’re looking for an enthusiastic, versatile and marketing-savvy candidate to join our dynamic strategic marketing team. This position will be focused on supporting the Europe-region marketing strategies, with a primary focus on distribution marketing which plays a pivotal role in the success of Molex in the channel. This role is critical in managing marketing communications and demand generation...