GRC Engineer at Ouro handling risk assessments and compliance engineering for cloud services. Collaborating with teams to ensure security control effectiveness across applications and infrastructure.
About the role
- Technical Regulatory Compliance Manager at Starling ensuring compliance with industry regulations and facilitating technology-led solutions. Join a growing team in a fast-paced environment focused on innovation and teamwork.
Responsibilities
- Monitoring and the provision of evidence to support compliance with laws, regulations and internal policies
- Supporting the SMF24 and others with responsibilities under SMCR to enable the delivery of regulatory expectations; ensuring timely and accurate submission of attestations
- Support the evolving regulatory compliance work associated with operational resilience and in Technology’s Business Continuity and Disaster Recovery planning, including the assurance of compliance across the technology supply chain
- Interpreting and communicating regulatory changes, ensuring that all findings are recorded and followed up with appropriate stakeholders / teams
- The investigation of any irregularities, breaches and non-compliance issues
- Championing compliance best practice and contributing to robust and effective compliance controls within the organisation
- The performance of risk assessments, technology led thematic reviews and internal compliance audits to understand compliance risk level, significance and scope
- IT policy development: advisory and assurance across the compliance elements / implications within the IT governance documentation suite
- Helping the business function to identify solutions to compliance issues
- The implementation of preventative and/or corrective measures to mitigate compliance risk
- Creation of a function-wide compliance culture through the education about regulation and industry best practices, with insight into the impact of non-compliance on the organisation
- The review of technical change to assure compliance with regulatory / scheme requirements
- Ensuring that the correct internal policies and procedures are in place to achieve compliance with external regulations.
- Assisting in the gathering of internal information in response to regulatory requests
- Managing voluntary best practice relating to professional standards
- Collaborating with other departments / functions / lines of defense to create a culture of compliance
- Compliance monitoring including the development and tracking of compliance metrics and ensuring adherence to internal controls
- Investigating compliance violations or irregularities
- Reporting on current compliance risks and compliance performance across Information Technology
- Highlighting / escalating areas of concern to the Information Technology departmental and team leads, risk owners and Chief IT Control Officer as required.
- Keeping up to date with the evolving regulatory environment.
Requirements
- Have a comprehensive understanding and working knowledge of the UK’s regulatory environment and sourcebooks
- Be able to advise and make recommendations to the business on regulatory compliance matters
- Identify opportunities for and where appropriate recommend business process improvements to ensure compliance
- Have a pragmatic approach and be able to work collaboratively within the compliance spaces across a technology driven environment
- Have an understanding of compliance risks across technology, information security and regulatory environments
- Have an understanding of the principles of IT Risk Management
- Have knowledge of ISO accreditations against which to monitor compliance
- Have knowledge of industry standards such as COBIT, NIST, SOC I and SOC II, and PCI-DSS against which to monitor compliance
- Have previous knowledge of CASS, BACS, SCV, Pay UK and Swift CSP against which to monitor compliance
- Be proficient in working with external auditors
- Share knowledge and provide guidance on internal bank first line or similar related processes.
- Take responsibility and do the right thing for customers, colleagues and partners.
- Experience across one or more of these areas is useful but it is not expected that you will have worked in all of these.
- The following skills and experience are desirable:
- Experience working within financial services, specifically within technology risk management.
- Experience working with key stakeholders, developing working relationships and providing insightful management reporting / information.
- Good attention to detail as you are likely to be examining laws and regulations and checking compliance
- Working knowledge of SMCR requirements
- Ability to influence across multiple stakeholders information to technical and non-technical audiences
- Flexibility in your approach to meeting goals as part of the wider team.
Benefits
- 25 days holiday (plus take your public holiday allowance whenever works best for you)
- An extra day’s holiday for your birthday
- Annual leave is increased with length of service, and you can choose to buy or sell up to five extra days off
- 16 hours paid volunteering time a year
- Salary sacrifice, company enhanced pension scheme
- Life insurance at 4x your salary & group income protection
- Private Medical Insurance with VitalityHealth including mental health support and cancer care. Partner benefits include discounts with Waitrose, Mr&Mrs Smith and Peloton
- Generous family-friendly policies
- Perkbox membership giving access to retail discounts, a wellness platform for physical and mental health, and weekly free and boosted perks
- Access to initiatives like Cycle to Work, Salary Sacrificed Gym partnerships and Electric Vehicle (EV) leasing
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Regulatory Operations Analyst supporting SEU Operations Risk department with regulatory compliance across licensed jurisdictions. Engaging in multi - jurisdictional work and maintaining regulatory controls.
Associate Manager developing and managing investigations and consulting cases at Kroll. Collaborating with teams to ensure quality and compliance across diverse cases.
Senior Regulatory Engineer responsible for regulatory strategies and agency interactions at Johnson Controls. Collaborating on new product approvals and maintaining compliance with existing products.
Regulatory and Quality Specialist supporting compliance strategy for medical devices in R&D. Collaborating with design teams to ensure quality and regulatory adherence.
Compliance & Oversight Lead Manager facilitating GILA business processes and data quality. Ensuring compliance with labeling activities in a global pharmaceutical environment.
Manager in US Regulatory Advertising and Promotion at Pfizer supporting regulatory guidance and strategic review of promotional communications. Mentoring junior staff while ensuring compliance with regulatory standards.
Senior GRC Consultant consulting clients on GRC software RiMaGo and implementing risk strategies. Collaborating with development team and conducting training sessions in GRC.
Senior Compliance Officer at Absa providing compliance support and risk management in the banking sector. Leading compliance initiatives and regulatory relationship management.
Compliance Manager supporting RTX's Anti - Bribery & Anti - Corruption Program at the largest aerospace and defense company. Ensuring compliance with various international anti - corruption laws and regulations.