Risk & Compliance Officer

Posted 26 March 2024
Salary Up to £60000.00 per annum
Location Watford
Job type Permanent
Discipline Cyber & Information Security
Reference BBBH163477_1711473622
Contact Name Mikayla Dorney

Job description

Purpose of Role:

The Risk and Compliance Officer is a vital part of the Security Governance, Risk and Compliance team. This role will be responsible for:

  • Undertaking risk assessments and managing the local and functional risk registers. Ensuring risks are identified, raised and managed in accordance with the Enterprise Risk Management Framework, actions are agreed and delivered on time, and information is kept up to date and accurate
  • Managing and maturing the Third-Party Risk Management Policy and Framework
  • Providing support and oversight with regard to the Identity and Access Management Framework, ensuring high-quality output and that access control findings are remediated in a timely manner
  • Ensuring the company remains compliant with the relevant legislative, regulatory and business requirements, as well as any latest versions of the frameworks/standards/requirements (such as Licence 4, ISO27001, WLA:SCS, PCI-DSS and DPA 2018)
  • Facilitating, managing and being part of security and privacy audits (both internally and externally). Ensuring evidence is readily available and findings/areas for improvement are implemented into BAU in order to mitigate the associated risks
  • Acting as secretariat for Governance Committees, collating information and metrics, and supporting the writing of the relevant governance papers
  • Enhancing the Security culture by conducting ongoing training and awareness of various related threat topics.