IT Compliance Manager

The Audit and Risk Recruitment Company (ARRC)* has been exclusively mandated by our client, an innovative Fintech business, to assist in their search for an IT compliance manager. The business is currently looking to build a universal API for their growing client base.

This is a newly created position and is the first compliance hire that will be responsible for building compliance function, therefore offering unrivalled business exposure and an amazing opportunity to drive the directions of the function.

Role Responsibilities

As the successful candidate you will:

• Lead efforts to develop and maintain all aspects of information security, privacy and risk compliance programs, from technical and procedural controls to policies and training
• Lead the company's SOC 2 Type II and ISO 27001 certifications lifecycle – working with external auditors, pulling together evidence, coordinating with internal teams and maintaining the cadence of activities throughout the year to remain compliant
• Work closely with internal teams and external service providers to coordinate and complete the incoming due diligence, information security and other regulatory compliance reviews from current and prospective customers and outgoing reviews of technology vendors
• Be the 'go to' person for compliance across the business – staying up-to-date on any applicable compliance requirements that may impact our business and working closely with legal, product, finance and IT to evaluate risks and opportunities as we scale

Background Requirements:

• Experience as a compliance manager or compliance officer or a similar role in a technology or financial services business - primarily dealing with information security and privacy and risk
• Advanced knowledge of and experience in building both SOC2 and ISO compliance programs
• Familiar with ISO27001 standards
• Willing to learn and implement other compliance and/or regulatory schemes as required in the future as we scale (could include employment, financial etc)
• Well versed in both the technical cybersecurity and procedural business controls required for a cloud-based software business
• Able to proactively audit, create and implement process and documentation
• Highly analytical with a diligent yet pragmatic approach to compliance

· Strong communication skills to interface with internal and external stakeholders