Compliance Manager

At Tortus we work with clinicians and hospitals to provide clinically safe and reliable AI. We use speech-to-text and LLM models to infer information about a patient visit and provide verified documentation and actions — eliminating the documentation burden that costs clinicians hours every day.

We've recorded over 1 million consultations. Clients include London Ambulance Service and a large proportion of UK GP surgeries. We are now entering our next phase: an AI doctor product and a ~£30M Series A raise.

You will own and develop Tortus's compliance function, reporting directly to the CTO. Hands-on ownership across our full regulatory stack: ISO 27001, ISO 13485, NHS DTAC, and our in-progress Class IIa medical device submission.

• Own day-to-day compliance operations across ISO 27001, ISO 13485, and NHS DTAC

• Drive our Class IIa medical device submission to completion

• Develop and maintain policies, procedures, risk registers, and audit-ready documentation

• Act as primary internal point of contact for compliance queries from engineering, product, and commercial

• Manage relationships with auditors, certification bodies, and regulatory stakeholders

• Build compliance culture: training, awareness, embedding good practice across the org

• Deep working knowledge of ISO 27001 and ISO 13485 — you have owned or significantly contributed to certifications

• Familiarity with NHS DTAC, DSP Toolkit, and the UK medical device regulatory landscape

• Experience contributing to or leading a Class IIa (or equivalent MDR/UKCA) regulatory submission

• Strong written communication: clear, audit-ready documentation

• Ability to translate compliance requirements into actionable engineering tasks

• Background in healthtech, medtech, or regulated software

• Familiarity with MHRA guidance on AI as a medical device

• Experience with SOC 2 or other security frameworks

In 12–18 months, compliance is no longer a source of anxiety for the engineering team — it is a capability they are proud of. Our Class IIa submission is complete. We have passed external audits cleanly. The board can point to our compliance posture as a commercial differentiator with NHS and enterprise clients.

As Tortus scales, this role grows into Head of Compliance or a broader Risk & Governance function. The intersection of AI, clinical care, and regulation is one of the most complex and consequential spaces in tech right now — and your expertise will be in high demand.

• 28 days holiday + bank holidays

• Latest MacBook and the right equipment

• Office-first culture based at Holborn Town Hall — typically Tuesday, Wednesday, Thursday in office; Monday and Friday flexible

• The chance to genuinely transform healthcare