REGULATORY COMPLIANCE AND RISK MANAGER

TCS

Full Time

Experience: 1 - 6 Years

Location: (PARANA - BRAZIL)

Salary: 110000 - 140000 USD Per Year

Job Description

  • Understand and inform the compliance requirements across all jurisdictions (internal and client-related) and all industry verticals that may impact , assessment, raise awareness/changes across organization. Identify controls and control gaps, and monitor/report conformance with the information security and risk teams. Typically sitting at the group level, the Regulatory Compliance role will be involved in liaising with the Data Protection Officer (DPO), other Directors and Managers, and specialists (SMEs) to ensure practices meet regulatory requirements, and to provide oversight on all client contractual commitments, including reviews/due diligence. This role will be responsible for document and evidence management for regulatory compliance & information security frameworks and audit functions that are applicable to the business, such as ISO.
  • In addition, this role will work with the information security team, sales teams, and Service Delivery Managers (SDMs) to catalog and respond to security, privacy, and risk assessments where is considered the third party. Clients usually require these assessments both pre- and post-contract.

Responsibilities and Duties:

  • Discovery and research of regulatory requirements in each jurisdiction (internal and clients), with regular reviews and awareness of the continuous flow of updates to relevant regulations as affect , across the organization:
      • Includes HR, Marketing, Finance, Products, Implement, Operations
      • Federal, state, and global jurisdictional regulatory levels
  • Understanding of needs driven by client regulations of as their third party assisting them in meeting industry specific requirements – such as HIPAA, CMMC, etc.
  • Maintain relationships with all relevant regulators as required.
  • Assess risks/impacts, raise awareness of changes needed/implemented across organization. 
  • Identify/create controls to cover regulatory requirements, conduct internal audits, including ad-hoc as determined by events, and monitor/report (non)conformance on identified high risk regulatory areas. 
  • Management of risk register and risk logs at both the corporate and client levels
  • Actively pursue escalations for non-conformance of standards through use of compliance tooling available, 
  • Consultation role assisting/advising sales/presales on client due diligence exercises and regulatory commitments in contractual agreements (such as locational constraints, right to audit, etc.), and other relevant managers/resources regarding regulatory impacts/considerations on internal developments (security, access restrictions, cross-border regulatory conflicts, etc.).
  • Liaise with clients directly (or their auditors, as required), on request for due diligence and assisting them in meeting their own regulatory commitments, from time to time, such as contract reviews, SOWs, and the domino effect of new legislation/regulations placed on them, that may impact ’ provision of service.
  • Participate in Change Control Boards for change requests and advocate for best practices and conformance with regulations.
  • Provide reports of risk and other reporting as required and/or directed to the CISO and DPO for regular compliance reporting across disciplines and attend compliance meetings as required.

Key Skills:

  • Relevant qualification in Governance, Risk and Compliance (GRC) and associated platforms
  • 5-10 years’ experience in a regulated environment and/or risk management required
  • Good working knowledge of O365 tools, such as Word, PowerPoint, Excel, Teams required
  • Training on in-house applications such as LCP, SharePoint, Kimble, ServiceNow to be provided
  • The ability to communicate complex regulatory requirements to other colleagues
  • Commercial and business awareness
  • Superb communication skills – both written and verbal
  • Attention to detail and ability to probe further into data until completion or resolution
  • Ability to manage time and tasks independently as directed

Benefits:

  • This may include training, health, insurance, commuting support, lunch service, etc.