Compliance Testing Manager responsible for planning and executing compliance testing and validations. Leading specialist teams while ensuring regulatory compliance in the U.S. banking sector.
About the role
- Governance Risk & Compliance Manager implementing risk management strategies at Sword. Overseeing compliance and security governance practices within the organisation.
Responsibilities
- Security Governance – Develop and refine security policies, frameworks, and procedures, maintaining alignment and accreditation ISO 27001 and Cyber Essentials Plus
- Risk Management – Conduct ongoing security risk assessments across vendors, projects, and internal teams, identifying areas of concern and driving remediation efforts
- Legal, Regulatory, and Contractual Requirements – Ensure Sword remains compliant with relevant legal, contractual, and regulatory obligations, keeping pace with evolving regulations in all areas where Sword operates
- Third-Party & Supply Chain Security – Assess and manage security risks related to suppliers and partners, ensuring robust security measures are maintained
- Certification Management – Oversee and drive Sword’s certification in both Cyber Essentials Plus and ISO 27001 including management of the ISMS
- Business Resilience – Refine and mature the Sword business continuity and disaster recovery plans including regular testing and exercising
- Audit & Compliance – Ongoing audit and compliance of Sword policies and procedures against relevant contractual and regulatory obligations
- Data Protection – Central coordination of GDPR compliance across Sword including standardising processes and procedures with Data Protection Officers
- Security Culture – Drive improvements in the internal security culture through ongoing awareness, training and communications on policies, processes, and procedures
- Continuous Improvement – Deliver the risk & compliance program through a series of continuous and incremental improvements.
Requirements
- Direct experience, or strong working knowledge, of GRC frameworks aligned with industry standards and organisational goals
- Cyber Security Frameworks (NIST), regulations such as the General Data Protection Regulations (GDPR) and Network Information Systems (NIS2), and industry standards such as ISO 27001
- Ability to identify, assess, and mitigate risks across business processes and technical environments
- Experience managing audits and compliance reporting, including designing effective controls, developing audit plans, interfacing with auditors, and responding to findings
- Technical proficiency with GRC tools and platforms, including compliance monitoring technologies and data analysis (e.g., advanced Excel skills)
- Analytical and problem-solving skills to interpret complex regulations, resolve compliance issues, and provide strategic advice to leadership
- Excellent communication skills, both written and verbal, including the ability to convey complex regulatory and risk issues in understandable terms to stakeholders across the business
- Significant experience in a similar role preferably in an international organisation. Qualifications and Personal Skills
- Major industry certification such as CISA, CRISC, ISO 27001, etc.
- Experience in relevant Governance, Risk, and Compliance frameworks and technologies
- Takes ownership and accountability with an ability to self-manage tasks and activities to consistently deliver results
- Dedicated and proactive learner who keeps up to date with security regulations and is continuously improving and refining skills
- Excellent communication, negotiation and influencing skills – able to influence operational effectiveness across an organisation to achieve results.
Benefits
- Personalised Career Development: We create a development plan customised to your goals and aspirations, with a range of learning and development opportunities within a culture that encourages growth.
- Flexible working: Flexible work arrangements to support your work-life balance. We can’t promise to always be able to meet every request, however, are keen to discuss your individual preferences to make it work where we can.
- A Fantastic Benefits Package: This includes generous annual leave allowance, enhanced family friendly benefits, pension scheme, access to private health, well-being, and insurance schemes.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Business Management Specialist leading significant compliance strategy and governance activities for TD Bank. Managing risk and oversight processes while collaborating across multiple functions.
Senior Information Security Analyst ensuring compliance and data privacy at VERO. Involved in governance, risk management, and promoting security culture.
Regulatory Affairs Assistant focused on pharmaceutical - related logistics at PINEX. Engaging in regulatory analysis, documentation, and compliance monitoring.
Regulatory Compliance Specialist overseeing compliance for Arc'teryx raw materials and goods. Collaborating across teams to uphold regulatory frameworks and ensure consumer safety with legal standards in focus.
Head of Compliance at Compass managing enterprise risk, information security, and multi - jurisdictional regulatory compliance. Building compliance frameworks in an exciting high - growth SaaS environment.
Regional Regulatory Lead overseeing EUCAN regulatory strategy for pharmaceutical projects and products. Planning submissions, coordinating meetings, and collaborating with regulatory authorities.
Manager Regulatory Affair at Capgemini Engineering coordinating activities for the US market. Preparing submissions to the FDA and collaborating with internal teams for regulatory compliance.
Engineer IT Compliance responsible for compliance activities in regulated IT systems. Building partnerships with IT functions and ensuring regulatory alignment in pharmaceutical industry.
Regulatory Affairs Associate for managing new drug registrations and preparing documentation in the India Market. Collaborating with stakeholders and supporting compliance in bulk drug registration.