Head of Risk and Compliance
PhotoBox Group Security is a trusted, high-energy, empowered and proactive team. If you are looking for a place to make a difference, apply your security knowledge, learn a lot and be part of a highly productive team, and you are able to work collaboratively with all parts of the business, this is the place for you.
We have a great culture, with a very horizontal structure. We expect you to be knowledgeable, trustworthy, empowered, friendly, focused and responsible.
Our mission is to secure the magic moments created by our customers, across all our brands. Our operating principles define what we focus on and how we make decisions.
We hold ourselves accountable against these principles.
1. We are enablers for the organisation, not a bottleneck
2. We drive transparency and accountability in risk management
3. We minimise vulnerabilities
4. We hack ourselves first
5. We educate and empower our internal stakeholders and developers
6. We contribute to adding financial value
Why join Photobox Group Security?
As Head of Risk and Compliance you will work alongside the Group Security management team and act as an ambassador for PhotoBox Group’s compliance culture and standards, enabling the highest standards of compliance with GDPR and PCI. You will provide an advisory role for regulatory aspects across the whole business while creating a modern risk culture, powered by real-time risk visualisation and monitoring.
What will you do?
- Take overall responsibility for the advice, management and development of PhotoBox Group’s risk and compliance systems
- Advise on the implementation of risk and compliance matters and make regular presentations of issues, including any recommendations
- Ensure compliance with GDPR and PCI, and be the key relationship contact for the 4 main EU Supervisory Authorities (UK, France, Spain and Germany)
- Be the responsible individual for all policies on risk and compliance and complete annual reviews, proposing improvements to manage risk
- Participate in the further development of PhotoBox Group’s risk assessment system; monitor and ensure the robust management of each matter, ensure each matter is notified under the appropriate system, and ensure those matters appropriately populate the various risk registers
- Support investigations into all breaches and near breaches of all regulations and statutes covering Photobox Group and report as required
Who are you?
- Strong understanding of a range of risk management frameworks (including but not limited to operational, conduct, financial, data protection and information security)
- Good understanding of emerging UK and European legislation (e.g. IDD, GDPR), codes of practice and industry guidelines affecting the Photobox Group
- Ability to form close working relationships and influence senior stakeholders
- Ability to operate effectively within a fast-paced organisation
- Educated to degree level (or equivalent)
Tech Stack (experience across the following areas is desirable)
- GRC, ISMS, GDPR, PCI, ISO 27001
- Security Policies, Risk Management
- Risk Visualisation
- Python, R (language)