myairops

About the Company

A global aviation software company providing premium SaaS solutions and services to the wide breadth of the aviation industry. myairops takes pride in supplying first-class support and security to all their clients. The team has a wealth of experience both in the air and on the ground and therefore can provide the best solutions, using knowledge gained from 37 years of first-hand experience.

Committed to simplifying the complexity of modern operations by providing simple, secure, scalable products that are designed for people, myairops consists of development teams, QA testers, operational support, and worldwide technical support.

USA: +1 561-888-3436
UK: +44 1252 984610

Listed Jobs

Company Name

myairops

Job Title

Information Security & Compliance Manager

Job Description

Job title: Information Security & Compliance Manager Role Summary: Lead the organization's information security strategy and daily operations, ensuring compliance with SOC 2 Type II, ISO 27001, and other industry standards. Oversee security operations across Azure cloud, product development, and vendor management while coordinating audits, vulnerability management, and disaster recovery testing. Expectations: - Maintain SOC 2 Type II and ISO 27001 compliance. - Lead audits and penetration testing initiatives. - Manage risk, vulnerability, and patch processes. - Communicate effectively with auditors, customers, and cross‑functional teams. Key Responsibilities: - Direct security operations for product and Azure cloud environments. - Manage external relationships with SOC 2 auditors, penetration testers, and security vendors. - Own SOC 2 audit lifecycle: preparation, evidence collection, and auditor liaison. - Respond to customer security questionnaires and due diligence requests. - Maintain public security and compliance portal. - Conduct technical audits, internal reviews, and control assessments. - Translate audit findings into actionable tasks for engineering and DevOps. - Perform vendor security assessments and supply‑chain risk management. - Oversee vulnerability and patch management for software libraries. - Enforce security policies, especially open‑source software and licensing compliance. - Plan and execute annual Business Continuity and Disaster Recovery tests. - Evaluate and configure Azure security tooling (firewall, DDoS, WAF). - Review change requests for security, privacy, and service availability impact. - Collaborate with CIO and DPO on organizational security and data privacy initiatives. Required Skills: - Proven experience in cyber or information security with a focus on cloud (Azure). - Successful delivery of SOC 2 Type II and/or ISO 27001. - Deep understanding of application security, cloud infrastructure, and DevOps practices. - Familiarity with frameworks: NCSC Cyber Assessment Framework, Cyber Essentials Plus, OWASP. - Experience selecting and managing third‑party audit and penetration testing vendors. - Strong communication, stakeholder engagement, and teamwork abilities. - Risk assessment and prioritization in fast‑paced environments. - Proficiency in network and security architecture design (e.g., Microsoft Visio). - Current UK security clearance to SC level or higher (or ability to obtain). Required Education & Certifications: - Degree in Cybersecurity, Information Security, Computer Science, or related field (or equivalent experience). - Relevant certifications preferred: CISSP, CISM, SSCP, ISO 27001 Lead Auditor, or SOC 2 Lead Auditor. ---

Farnborough, United kingdom

On site

10-12-2025