Compliance Manager
Hybrid WFH & attending Milton Keynes office when required
Salary is flexible depending on experience, but in the region of £40,000-70,000 + package
We are recruiting a Compliance Manager who will lead and be the focal point for regulatory compliance with relevant industry standards including ISO9001, ISO14001 and ISO27001.
Our client is an established Document Solutions / ECM organisation with offices and large customer base across the UK and US. The business is compliant with ISO9001 for Quality management, 14001 for Environmental management and 27001 for Information Security.
The ongoing management and compliance with these standards is currently the responsibility of existing management within the business, and they have reached the point where this now needs a dedicated role.
The Compliance Manager will be part of the Senior Management Team, reporting to the MD. Responsibilities will include:
1. Maintain and develop business strategies relevant to each of the standards
2. Maintain and review company policies and processes to comply with each of the standards
3. Undertake internal audits to ensure the business is compliant with its own procedures
4. Ensure staff are aware of the relevant procedures/policies
5. Check for ongoing compliance with our procedures/policies and address non-compliance
6. Measure effectiveness of the systems and look for improvements
7. Assist and support the management team with both self-audits and cross-department audits
8. Ensure our policies/procedures track changes in legislation and industry trends
9. Manage the annual external audit process for each of the standards
10. Assist Sales/Pre-Sales to respond to compliance questions for bids/tenders etc.
11. Manage suppliers who provide outsourced compliance with Health and Safety/security issues etc.
12. Audit/Evaluate suppliers (for compliance) who provide product or services to the company.
In addition, the company wishes to update its ISO27001:2013 certification to the 27001:2022 standard and include the USA Office within the scope of 27001 (currently just the UK Office is in scope).
You will be expected to understand the IT requirements of 27001 but actual implementation and monitoring of these will be the responsibility of the IT/Technical Manager.
Training will be provided as required.
Experience Required for the Compliance Manager role
· You should have prior experience of implementing or auditing 9001 or 27001, preferably both.
· Good understanding of the Data Protection Act.
· Excellent verbal and written communication skills.
· Ability to lead and deliver change and contribute to culture change successfully.
· Ability to influence at senior levels on matters relating to quality, security and information risk.
· Good understanding of IT infrastructure and practices pertaining to Information Security.
Qualifications required for the Compliance Manager Position
· Educated to degree level, or substantial work experience in the areas of compliance and standards.
· Ideally an ISO Auditor or Implementer level certification from a recognised body (e.g. BSI) but this can be obtained post-employment for the right candidate.
· This role may be suitable for someone with a less senior position in a business having undertaken internal auditing and assisting with implementing the relevant standards.