Compliance and Regulatory Associate

Information Security And Compliance Specialist This is a newly created role, driven by business growth and the expanding scope of our compliance programme. You will work directly alongside our Information Security Lead/DPO and our Regulatory Affairs Specialist, providing hands-on support across both information security and quality/regulatory functions. Your primary focus will be information security and data protection, supporting ISMS operations, supplier assessments, and infosec-related processes, and supporting quality management and regulatory affairs. You will own a real workload from day one, with clear mentorship and room to grow into a specialist role. We welcome applications from people with a variety of backgrounds and experiences. Compliance expertise can be built in many different ways, and we're more interested in how you think, how you work, and what you bring to the team than in whether your CV matches every bullet point. If this role interests you, please apply. Key Responsibilities Information Security & Data Protection • Support the maintenance of our ISO 27001 ISMS by updating policies, procedures, and control evidence, and helping prepare for internal and external audits. • Assist with data protection administration maintaining records of processing activities, supporting data subject access requests, and tracking compliance obligations under UK GDPR and relevant US frameworks including HIPAA. • Coordinate security testing activity, working with the InfoSec Lead to scope, schedule, and track penetration testing and vulnerability assessments, and following up on remediation actions. • Support supplier and vendor management processing third-party security assessments, maintaining the vendor risk register, and chasing outstanding responses. • Manage security-related onboarding and offboarding processes, including access control reviews and checklist completion. • Maintain the security incident register, support initial triage and documentation of incidents, and track CAPAs through to closure. • Prepare responses to customer security questionnaires and assurance requests for external partners • Own the administrative chasing layer tracking outstanding sign-offs, forms, training acknowledgements, and evidence requests across the business. Regulatory Affairs & Quality • Support QMS documentation under ISO 13485 by maintaining and updating SOPs, work instructions, and quality records, and assisting with audit evidence preparation. • Assist with complaint and CAPA tracking logging complaints and adverse events, monitoring closure timelines, and supporting documentation of corrective and preventive actions. • Support change control administration preparing and tracking change request documentation across product and process changes. • Assist with regulatory filing and technical file maintenance for UK and US medical device requirements, including UK MDR 2002 and FDA SaMD guidance. • Provide documentation support for new product introductions. • Support QMS supplier qualification processes and documentation. Cross-Functional & Operational • Help coordinate and track evidence for ISO 27001 and ISO 13485 internal and external audits, including liaising with Engineering, Product, and Operations teams. • Support the wider company's transition into compliant operations by helping communicate new processes, coordinate training, and embed controls across functions. • Assist with identifying opportunities to reduce manual overhead through process improvement and workflow automation, as capacity allows. What We're Looking For Essential • 1–2 years of experience in an information security, compliance, or data protection role, ideally within a healthcare, health technology, or other regulated environment. • Working knowledge of ISO 27001 and/or GDPR / UK GDPR, gained through practical experience or formal study. • Exposure to healthcare data environments, including an understanding of the sensitivity and regulatory obligations around health information (HIPAA familiarity is a plus). • Strong organisational skills able to manage multiple ongoing workstreams, track outstanding actions, and follow up persistently without losing detail. • Methodical and documentation-oriented comfortable producing and maintaining accurate compliance records, evidence packs, and audit trails. • Clear communicator, able to chase colleagues for information and sign-offs professionally and effectively. Desirable • Familiarity with ISO 13485 or quality management systems, either through direct experience or study. • Experience with medical device software regulation (UK MDR, FDA SaMD) or willingness to build this knowledge quickly. • Exposure to supplier risk management or third-party security assessments. • Experience working with US and UK regulatory frameworks simultaneously. • Experience with compliance tooling or workflow automation. Personal Attributes • Proactive and self-motivated and able to take ownership of tasks and see them through without close supervision. • Calm under pressure and comfortable operating in a fast-paced environment where priorities can shift. • Curious and eager to develop interested in building expertise across both infosec and regulatory domains over time. • Collaborative able to work effectively as part of a small, senior team where everyone's contribution matters. What We Offer Benefits and Wellbeing • Competitive salary and equity share options. • 25 days PTO plus bank holidays. • Company pension scheme (UK). • Enhanced parental leave packages (UK). • Support with purchasing work-related books and materials. • Quarterly Life Days Enjoy 4 paid days off per year (one each quarter) to use whenever you choose to relax, recharge, or take care of personal matters. • Mental Health Support Access to dedicated mental health support services.

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...