Compliance Officer
Our client is a Managed Services company founded in the UK. Our team are building to increase consumer and enterprise value across the rapidly growing regulated industry sector by redefining approaches to automation, analytics, and improved tooling.
Reporting to the Chief Executive Officer, the Compliance Officer is responsible for ensuring that our client meets its regulatory, governance and International Standards Organisation (ISO) obligations in a robust, timely and methodical fashion and that internal policies and procedures are adhered to and adapted to support the business in its compliance activities.
Areas of compliance include:
• ISO 27001, GDPR, Telecommunications Regulation
• Business Process and Procedures such as ITIL
As our compliance officer you'll be tasked to:
• review marketing materials, presentations and websites to ensure compliance with regulatory requirements
• assist in the gathering of internal information in response to regulatory requests
• perform various general administrative duties (such as file creation and maintenance of ongoing process/policy documentation)
• assist in distributing and preparing the documentation and compliance reports to senior executives
The Compliance Officer is a member of our client's managed services team and will regularly collaborate across the group as a domain expert to contribute to the successful delivery of our client's strategic and operational goals.
Key Accountabilities & Activities
1 Undertake daily, weekly, monthly Compliance and Regulatory activities including:
• Perform risk assessments to understand risk level, significance and scope
• Keep up to date with, and understand, relevant laws and regulations
• Monitor compliance in line with laws, regulations and internal policies
• Manage voluntary best practice relating to professional standards
• Ensure that your findings are recorded and followed up with management so that issues can be rectified
• Contribute to and develop reporting dashboards
• Conduct regular risk analysis, providing viable solutions for identified threats & risks.
• Maintain accurate records and documentation related to GDPR (including but not limited to DPIAs, ROPA, Incident Response, DSARs, and other data protection issues that may arise)
2 To help identify, prioritise and effectively manage compliance requirements as part of the broader team and through stakeholder engagement.
• Build relationships with stakeholders to identify Regulatory and Compliance requirements and develop a level of knowledge to meet the specific objectives
• Assisting in educating employees on not only the regulations, but also the impact on the organisation if these aren't complied with
• Investigate irregularities and non-compliance issues
• Assisting in reporting back to business functions on current risk and compliance performance
• Highlight or escalate areas of concern
• Contribute to robust and effective compliance controls within the organisation
3 Liaise & support other teams on related security issues including:
• Create tools and methodologies that will make Compliance activities more robust and reliable.
• Actively take part in regulatory and compliance review meetings
• Contribute towards development of guidance documentation & training for employees & end users, if required.
• Generate reports, documentation, and insight for a range of staff & stakeholders as required
4 Undertake ad-hoc projects and other activities as required
Essential Qualifications / Certifications
1. Diploma in Governance, Risk & Compliance
2. Formal training in ISO/GDPR/GRC
Desirable:
3. Certified Information Security Manager (CISM) certification
4. BSc (Hons) in a relevant field
Experience & Skills
1. ISO 27001
2. GDPR Compliance
3. ITIL
4. Analysing and Presenting data using data analysis tools
Desirable:
5. Proven experience of ISO 9001
6. Knowledge of Telecommunications Regulation