Risk & Compliance Officer
My client based near Stratford-upon-Avon are looking for a Risk & Compliance Officer to join their team.
This is a hybrid role, with 2-3 days per week in the office.
Salary approx. £70,000 - £85,000 + Bonus + Excellent Benefits
The Role
This is a critical role in safeguarding the organisation across regulatory, operational and cybersecurity risk.
You will take ownership of building and maintaining a robust compliance framework, ensuring adherence to FCA/PRA regulations, PCI DSS standards and broader industry requirements.
Working cross-functionally with product, technology, legal and senior leadership teams, you'll embed risk management into day-to-day operations and product development, while acting as a trusted advisor to the Executive Team and Board.
This is a hands-on role for someone who can both design frameworks and deliver them.
Key Responsibilities
Develop and maintain compliance programmes aligned with PCI DSS, FCA and other regulatory frameworks
Lead enterprise-wide risk management processes and maintain a robust risk framework
Manage regulatory reporting obligations for the FCA regulated entity within the group
Conduct vendor and third-party risk assessments, ensuring suppliers meet legal and security standards
Work closely with product and technology teams to embed compliance into the product lifecycle
Deliver risk reporting to Executive Team, Audit Committee and Board
Manage group-wide insurance policies and oversee renewals
Monitor regulatory changes and advise leadership on impact and required action
Conduct internal audits and compliance reviews, driving remediation and continuous improvement
Deliver training and promote a strong culture of risk awareness
Essential Experience
5+ years' experience within a risk and compliance function in a regulated business
Strong FCA/PRA regulatory experience
Hands-on PCI DSS compliance experience (audit preparation, remediation, policy development)
Experience building or managing a Risk Management Framework
Proven vendor/third-party risk assessment experience
Experience presenting risk reporting to senior leadership
Desirable
Experience in insurance, fintech, payments or regulated technology environments
Exposure to product compliance and embedding controls into SDLC
ISO 27001 or wider cyber governance knowledge
Experience leading or mentoring small teams