SOX & GDPR Compliance Manager

Kettering, Northamptonshire, England
£45000 - £55000 per annum + 25+STAT, Excellent Benefits Package
17 Jan 2019
14 Feb 2019
Northamptonshire Jobs
Contract Type: Full Time
10964 - Compliance Manager Job Spec
Location: Northamptonshire

Our Client, an established manufacturing company based in Northamptonshire, are seeking to recruit an experienced Compliance Manager on a full-time permanent basis.

Your role as CM will be fundamental to supporting the development & implementation of business strategy, underpinned by establishing & maintaining systems, processes & policies that ensure compliance.

You will work extensively within the business (incl. cross-functionally) to develop knowledge & passionately drive compliance, ensuring all functions are aware of their accountabilities and understand how working processes & decision making should be undertaken.

Duties / Responsibilities

Sarbanes-Oxley Compliance
*Lead the embedding of SOX compliance requirements & practices consistently within the business,
*Monitor & report progress of embedding SOX into the business during transition - ensuring that senior leaders are owning & driving change,
*Work with the wider business to ensure all in scope controls are operating consistently, advise on any process or practice adjustments,
*Perform regular planned & unplanned walkthroughs of relevant controls,
*Liaise closely with IT / Head of Finance & Finance Team to ensure compliance and that all business changes consider SOX requirements,
*Liaise with internal / external auditors throughout the year,
*Challenge current operating methods & bring best practice to the forefront,
*Ensure that business processes in all departments are adequately documented & available to review for audits,
*Devise & revise methodology to measure overall business & departmental adherence to process (carried out at regular intervals)
*Conduct & maintain a full business review of measures in place and make recommendations to ensure compliance,
*Full ownership of the continuous improvement process for all of the above, ensure Executive & Senior stakeholders are updated on a regular basis alongside any recommendations.

GDPR / Data Protection compliance
*Work with Data Protection Officer to mitigate data protection risks faced by the company and foster a culture of data privacy within the organisation,
*Carry out Data Protection Privacy Impact Assessments (where appropriate) on business functions and projects,
*React to & manage data breach response / notification procedures,
*Devise & implement an internal system for reporting actual or suspected data security breaches (data security reports),
*Co-operate with data protection regulators,
*Respond to Subject Access Requests, consumer privacy queries & complaints,
*Undertake periodic data protection audits, ensuring any deficiencies identified as a result of an audit are addressed,
*Incident and risk management,
*Respond to & manage (including liaising with regulators) any:
-data security breaches
-communications received from or enforcement action initiated by the ICO or any other relevant regulator
-complaints or communications relating to data protection
*Maintain central register of data security reports in a form that allows the business to:
-monitor and assess the effectiveness of the business' data protection systems
-adequately respond to requests for information.

Departmental & Project Compliance
*Prepare a business-wide approach to ensure future projects are designed & executed with compliance metrics / processes front of mind,
*Support the ongoing project work & any related activities by advising key stakeholders - examples for 2019 may include Supplier Portal Implementation & review of business Master Data processes,
*Maintain alignment with the Q&C internal team and work seamlessly to improve business processes interdepartmentally where required,
*Provide support for any external or regulatory audit requirements,
*Support key departments as agreed by the Executive Leadership Team by designing & conducting internal audits to identify and measure compliance and opportunities for improvement - example being to support HR in reviewing documentation and people processes, including but not limited to: P11D/P60, Pension Annual Renewals, HR tax returns.

Reporting to: Executive Leadership Team

Experience Requirements
You'll be passionate, tenacious & credible with the ability to flex your style to work in collaboration with cross-functional teams:

*ESSENTIAL: FMCG experience within a blue-chip organisation,
*Strong management, presentation & key stakeholder influencing skills,
*Be confident, outgoing & possess excellent communication skills across the business,
*Experience working within a Sarbanes-Oxley governance framework is essential,
*Experience with the practical application of European data protection legislation, together with an understanding of GDPR,
*Experience with implementing data protection policies, procedures and training materials, and promoting a culture of data protection compliance across all business functions,
*Qualifications: AAT, ACCA, CIMA or ACA qualified,
*Systems: MS AX Dynamics, MS Excel… a high level of IT literacy is essential.

Salary Package
In return, our Client is offering a superb opportunity within an established organisation together with an excellent salary, benefits package and work-life balance:

*Appointment Type: Permanent
*Salary: £45,000 - £55,000 per annum (subject to experience)
*Hours: 35 hours per week (Mon-Fri 9:00am to 5:00pm with 1hr lunch)
*Holiday: 33 days per annum (25 + STAT)
*Fantastic Flexible Benefits Package: Bonus, Car, Pension, Discounts, Flexible Summer Working Hours / Start-Finish Times, Cycle to Work Scheme, Excellent Career Path

Paul Mitchell Associates is acting as an Employment Agency in relation to this vacancy.

By applying to this vacancy you are consenting to Paul Mitchell Associates contacting you and processing your data in line with our Privacy Policy under GDPR (General Data Protection Regulation).

If you do not consent to Paul Mitchell Associates contacting you and processing your data in line with GDPR please DO NOT apply.

For further information relating to our Privacy Policy please visit our website.