Risk & Compliance Lead responsible for designing and implementing risk and compliance frameworks for a SaaS company. Collaborating with cross-functional teams to mitigate operational and regulatory risks.
Responsibilities
Own Elliptic’s Risk and Compliance strategy, frameworks, and annual plan
Maintain risk taxonomy, registers, and assessment cadence across business, product, data, third‑party, and operational risks
Facilitate risk identification with domain owners, evaluate inherent/residual risk, and drive treatment plans
Identify applicable obligations and industry standards for a SaaS provider and maintain a single control framework mapped to them
Plan and run a risk‑based assurance programme to test control design and effectiveness
Partner with Platform, SRE, and Security to validate backup, recovery, continuity, and disaster recovery capabilities
Set methodology and thresholds for vendor and product risk, partnering with Procurement, Legal, and Product to embed controls in lifecycle workflows
Coordinate external audits and certifications as needed; ensure our evidence strategy is efficient and reusable
Enable teams through guidance, training, and practical tooling; make compliance easy and transparent
Requirements
Proven ownership of an ERMF or equivalent risk programme in a SaaS or technology business
Designing and operating a unified control framework mapped to multiple obligations or standards
Knowledge of data protection and data governance practices relevant to SaaS
Planning and executing risk‑based assurance and control testing, and managing CAPA to closure
Partnering with engineering and product teams to embed quality and compliance controls into their operations
Clear, concise written communication and executive risk reporting
Strong stakeholder management across technical and non‑technical teams
Nice to have
Experience with ISO 27001, SOC 2, or similar certifications, and familiarity with ISO 9001/22301/14001 as contributing inputs
Exposure to model risk governance or validation practices
Experience with evidence automation or compliance tooling
Benefits
Hybrid working and the option to work from almost anywhere for up to 90 days per year
£500 Remote working budget to set up your home office space
$1,000 Learning & Development budget to use on anything (agreed with your manager) that contributes to your growth and development
Holidays: 25 days of annual leave + bank holidays
An extra day for your birthday
Enhanced parental leave: we provide eligible employees, regardless of gender or whether they become a parent by birth or adoption, with 16 weeks of fully paid leave