The Compliance Lead will support the Senior IT & Security Compliance Manager in ensuring Kingfishers technology estate is compliant with all applicable laws and regulations and this compliance can be clearly demonstrated to regulators and auditors.

Key Accountabilities / Responsibilities:

·         Work within the Information Security & Risk team.

·         Maintain, develop, and implement a compliance program and the associated processes and evidential documentation

·         Ensures Group / local Banner technology teams and suppliers understand and maintain operational compliance to regulations.

·         Maintain and improve the Controls framework providing a view of effectiveness, and driving a programme of continuous improvement

·         Collaborate with and assist Banners and technology teams to develop corrective action plans for identified compliance issues.

·         Ability to convey complex information and ideas clearly to stakeholders and embed policy, processes and controls that maintain compliance 

·         Develop and provide input towards reporting packs for all aspects of the compliance landscape.

·         Provide SME consultancy to both Group Technology and the Banners / Group Functions on key topics such as data protection and payments.

·         Operate a data protection office for Group Technology including managing data maps, DPIA’s and SARs

·         Manage both internal and external audit activities including the support of audit planning, audit facilitation, input to findings and resulting action plans

Required Skills & Experience:

·         Relevant experience in similar roles and / or either data privacy, audit, legal, compliance or related fields

·         An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative, and actionable manner

·         Demonstrable framework experience of NIST, NIS2, GDPR, PCI DSS and the Corporate Governance code.

·         Experience of managing auditors and influencing audit plans

·         Proven organisation, prioritisation, and rationalisation skills

·         A demonstrated ability to use positive influencing skills effectively to modify opinions, plans, or behaviours

·         Has the ability to interface with, and gain the respect of, stakeholders at all levels and roles in the company

·         Is a confident, energetic self-starter, with strong interpersonal skills

·         Demonstrable problem-solving and trouble-shooting skills

·         Familiarity with agile practices and working alongside product and engineering teams

·         Strong team values, recognises the value of a positive team environment and contributes to the creation of this.

·         Knowledge of tooling such as Service Now, Power BI, Jira and O365 products.