Compliance Manager

Role Overview

You’ll be the person who owns how compliance actually works at Tortus, internally and externally. You’ll sit at the centre of product, engineering, and operations, making sure we meet Class II medical device requirements while still moving fast.

You’ll be our point person for ISO and medical device compliance, owning our QMS and ensuring our systems scale with the product. At the same time, you’ll manage key external partners (DPO, DSPT, Cyber Essentials Plus, etc.), making sure we deliver what we need without bloating the role. If you’ve worked in a regulated product environment, you’ll know this balance matters.

What you’ll do

• Own medical device compliance
  • Own and evolve our Quality Management System (QMS)
  • Ensure our product remains compliant as it evolves (features, integrations, deployments)
  • Work closely with product and engineering to embed compliance into how we build
• Be the internal owner for ISO
  • Act as the point person for ISO 13485 and ISO 27001
  • Maintain standards through internal audits, process updates, and continuous improvement
  • Ensure documentation, policies, and controls are audit‑ready at all times
• Manage audits and certification
  • Own preparation for audits and regulatory inspections
  • Coordinate evidence gathering and responses
  • Track and close CAPAs
  • Maintain UKCA and other relevant certifications
• Own external compliance relationships
  • Manage external partners across:
    • DPO
    • DSPT
    • Cyber Essentials Plus
  • Ensure we meet all deliverables and deadlines without internalising unnecessary scope
  • Stay accountable for outcomes, even when execution is outsourced
• Clinical safety & governance
  • Likely act as (or grow into) a Clinical Safety Officer (CSO)
  • Support clinical risk processes (e.g. hazard workshops)
  • Act as a point of contact for clinical safety queries
• Operate cross‑functionally
  • Work deeply with product and engineering teams
  • Translate regulatory requirements into practical decisions
  • Support customer and NHS‑facing compliance processes (e.g. DTAC, DPIAs)

What we’re looking for

Experience

• Experience in SaMD compliance
• Strong working knowledge of ISO 27001, 13485, and broader ISO frameworks
• Experience owning or contributing to a QMS
• Experience supporting audits and maintaining certifications
• Comfortable operating in a fast‑moving, product‑led environment

Mindset & capability

• You understand software or can quickly get there. You don’t need to have been an engineer, but you need to be able to work closely with them
• You’ve worked in (or can operate within) a product/tech team in a regulated space
• You take ownership; of systems, deadlines, and outcomes
• You’re structured, but pragmatic

Nice to have

• Clinical background or experience working closely with clinical teams
• Experience as a CSO (or willingness to become one)
• Exposure to AI or data‑driven healthcare products
• Familiarity with NHS requirements (e.g. DSPT, DTAC)

What you get

• Compensation: Competitive base salary and meaningful equity in an early‑stage company with strong NHS traction.
• Impact: Help scale a company with proven clinical outcomes from startup to NHS‑wide deployment. Our data shows clinicians get 25% more patient‑facing time.
• Team: Join a small, growing Commercial team. You’ll help define how we sell, not just execute a playbook.
• Mission: Give clinicians back their time. This is life‑changing for doctors and improves patient care at scale.

Practicalities

• Location: London‑based (Holborn) with three days per week in the office

Diversity, Equity & Inclusion

Healthcare serves everyone, so our team should too.

We’re committed to building a diverse, inclusive organisation where different perspectives are valued and heard. If our mission resonates with you but your experience doesn’t look “typical,” we still want you to consider applying.

#J-18808-Ljbffr