Head of Governance, Risk and Compliance - People

Posted almost 2 years ago

Job Title: Head of Governance, Compliance & Risk People division
Reporting to: Chief Information and Data Officer

Role: Responsible for overseeing and managing the People division's compliance with its standards and legal obligations through employee buy-in, implementation of new management systems, policy enforcement, program planning, and employee training.

Duties and Responsibilities:
Champion of compliance and governance across the People division, ensuring employee buy-in to data security and privacy across all departments.
Assisting Business Leaders with the maintenance of the People divisional management system certifications to the ISO 27001, ISO 22301 & ISO 9001 standards.
Working with the Group Information Security Team to ensure the division remains compliant with the Access Policies and is completing its training.
Upgrading and consolidating the existing ISO certifications, where applicable, to the latest iteration/version.
To act as Data Protection Officer for all Data Protection related issues or incidents, liaising with the Group DPO to ensure consistency and compliance.
Ensure divisional compliance with all GDPR/DPA2018 related matters.
Champion the People Divisional Risk Register methodology and apply it across all high-risk processes.
A key contact between the People division and Group Information Security during incidents and audits.
Proactively seeking accreditation to any standards that are relevant and beneficial to the division and group.
Championing quality, business continuity and information security processes within People.
Collaborating with colleagues and employees at all levels to ensure the best security and data privacy practices are adopted and maintained across People.
Working with the Product Development roles to ensure that our products are strategically developed to comply with regulatory and statutory requirements, including Data Protection & Privacy.
Influencing and persuading stakeholders to gain compliance with the People divisional compliance and regulatory commitments.
Identifying opportunities for new systems implementation to improve compliance up-take, employee buy-in, and efficiency.
Work with and assist the M&A team and the Group Information Security Team with compliance-related focus in any People divisional acquisitions and integrations.

Skills and Experience:
Essential
Implementing and running an effective Quality Management System
Thorough knowledge of Data Protection (including GDPR and The Data Protection Act 2018)
Thorough knowledge of the ISO Standards and Procedures including ISO 9001, ISO 22301 & ISO 27001
Applicable certifications in Data Protection Practitioner, Information Privacy Professional, Information Security and all other relevant management system frameworks.
Proven experience of preparing an organisation for independent audit and achievement of accreditations
Effective communication skills and the ability to build relationships at all levels
Influencing and leadership skills
Effective report writing
ISO 27001 Certified ISMS Foundation Training Course

Desirable
HR or People Software sector experience
Experience of ITIL
CIPM and / or CIPP