Head of Risk and Compliance
This role is responsible for establishing, maintaining and continuously improving a robust compliance framework across all the group businesses, ensuring that legal, regulatory and ethical standards are consistently upheld and fostering a culture of integrity and accountability throughout the organisation.
Governance & Risk Oversight
• Review and update the business risk register quarterly, reporting findings and recommendations
• Oversee and review quarterly regional risk registers, ensuring consistency and effectiveness
• Identify emerging risks and advise senior leadership on mitigation strategies
Compliance & Assurance
• Provide independent assurance on GDPR, internal controls, corporate governance, and regulatory compliance
• Lead annual compliance audits across all offices and ensure timely corrective actions
• Report and track non-compliance issues through to resolution
Data Protection & Information Governance
• Act as Data Protection Officer (DPO), ensuring GDPR compliance and adherence to contractual requirements
• Lead the organisation’s data protection framework, policies, and training
• Act as Freedom of Information Officer, managing FOI requests in line with statutory and contractual obligations
Business Continuity & Resilience
• Produce and maintain the annual Business Continuity Management (BCM) plan
• Conduct business impact assessments, scenario testing, and incident management planning
• Support Regional Managers to ensure local continuity plans meet organisational standards
Commercial & Contractual Support
• Provide guidance on contractual matters, protocols, and schedules
• Contribute to new contract bid tenders, ensuring risk and compliance considerations are embedded
• Produce and maintain the annual Exit Management Plan
REQUIREMENTS:
- Proven experience providing independent assurance and guidance on GDPR, Internal Controls, Business Continuity Management and Corporate Governance at group level.
- Strong analytical skills to identify, assess, and mitigate risks across all FRS Coop businesses.
- Ability and proven experience to provide independent assurance and guidance on GDPR, Internal Controls, Business Continuity Management, and Corporate Governance.
- Third-level qualifications in compliance and risk management
- Experience and training in data protection legislation
- Experience in supplier contract management
- Project management experience
Contact Maria Weafer for more information
