COMPLIANCE AND GOVERNANCE CONSULTANT
This is a highly varied role that will require you to support the business to meet both technical and security assurance standards (such as SOC2, PCI) and emerging areas such as PAS 1296 (age verification) and PAS 499 (financial electronic customer due diligence), as well as a wide range of ongoing compliance – across operational business areas from health and safety and ISO27001 to anti-bribery and AML, to compliance with ethical standards.
– Take ownership of and project manage our SOC2 audit process, liaising with third-party auditors and managing our engagement with them, along with other relevant standards and associated assessment processes, such as PAS 1296 and PAS 499.
– Take ownership of the ongoing review including supplier and other relevant third-party due diligence.
– Provide expert leadership on ‘s compliance with PCI Security Standards.
– Manage ‘s risk register ensuring the process is adhered to and proactively managed, including co-ordinating with the company-wide risk champions.
– Review and maintain relevant controls, monitor their effectiveness and enhance where necessary.
– Act as the ambassador for compliance in Security Forum, making sure that our compliance requirements are high on the agenda in the decision-making process.
– Provide guidance and training as required.
– Report to the senior management team quarterly on governance and compliance initiatives and risks.
– Eventually take on compliance responsibilities in jurisdictions outside of the UK.
– Change management and project management skills to build a strong culture that appreciates excellent governance.
– A history of working in compliance, with proven experience of driving a company’s compliance agenda and running successful intensive audits, such as SOC2, PCI standards assessments and/or similar processes.
– A passion for governance with a demonstrable, in-depth understanding and knowledge of the topic.
– Commercial ability – adept at striking a balance between compliance best-practice and the constantly changing business needs prevalent in a cutting-edge technology environment.
– Ability to sell a new process or requirement to those new to the organisation. This is not just a “tick-box exercise” – you will drive genuine buy-in and understanding from key stakeholders.
– Strong ethical foundation, so that you can champion the consumer, act as a conscience and challenge those who may be tempted to cut corners.
– Comfortable communicating with people from across the organisation, dealing equally with senior management and junior employees, with the confidence and charisma required to challenge where necessary, drive cultural change and fire up the organisation on a range of crucial topics, which may not all inspire everyone instantly.
– A good-humoured, diligent and patient approach with an eye for detail.