About Tortus AI At Tortus we work with clinicians and hospitals to provide clinically safe and reliable AI. We use speech-to-text and LLM models to infer information about a patient visit and provide verified documentation and actions — eliminating the documentation burden that costs clinicians hours every day. We've recorded over 1 million consultations. Clients include London Ambulance Service and a large proportion of UK GP surgeries. We are now entering our next phase: an AI doctor product and a ~£30M Series A raise. About the role You will own and develop Tortus's compliance function, reporting directly to the CTO. Hands-on ownership across our full regulatory stack: ISO 27001, ISO 13485, NHS DTAC, and our in-progress Class IIa medical device submission. What you'll do Own day-to-day compliance operations across ISO 27001, ISO 13485, and NHS DTAC Drive our Class IIa medical device submission to completion Develop and maintain policies, procedures, risk registers, and audit-ready documentation Act as primary internal point of contact for compliance queries from engineering, product, and commercial Manage relationships with auditors, certification bodies, and regulatory stakeholders Build compliance culture: training, awareness, embedding good practice across the org What we're looking for Deep working knowledge of ISO 27001 and ISO 13485 — you have owned or significantly contributed to certifications Familiarity with NHS DTAC, DSP Toolkit, and the UK medical device regulatory landscape Experience contributing to or leading a Class IIa (or equivalent MDR/UKCA) regulatory submission Strong written communication: clear, audit-ready documentation Ability to translate compliance requirements into actionable engineering tasks Nice to have Background in healthtech, medtech, or regulated software Familiarity with MHRA guidance on AI as a medical device Experience with SOC 2 or other security frameworks What does wild success look like? In 12–18 months, compliance is no longer a source of anxiety for the engineering team — it is a capability they are proud of. Our Class IIa submission is complete. We have passed external audits cleanly. The board can point to our compliance posture as a commercial differentiator with NHS and enterprise clients. Where does this role take you? As Tortus scales, this role grows into Head of Compliance or a broader Risk & Governance function. The intersection of AI, clinical care, and regulation is one of the most complex and consequential spaces in tech right now — and your expertise will be in high demand. What we offer 28 days holiday bank holidays Latest MacBook and the right equipment Office-first culture based at Holborn Town Hall — typically Tuesday, Wednesday, Thursday in office; Monday and Friday flexible The chance to genuinely transform healthcare