
Risk & Compliance Jobs in London

Overview

Looking for top Risk & Compliance jobs in London? Haystack connects you with the best roles in financial services, legal, and corporate sectors across the city. Whether you’re an experienced compliance officer or risk analyst, explore up-to-date London opportunities and advance your career in one of the world’s leading financial hubs. Start your Risk & Compliance job search in London today with Haystack!
IT Governance Officer
Proactive Appointments
London
In office
Mid
£55k - £60k
RECENTLY POSTED
itil
The successful candidate will serve as the subject matter expert on IT operational risk assessment, controls and governance (“IT GRC”). Sitting within the IT team and acting as the first line of defence, you will closely partner with internal IT teams, Business OPC, Central IT OPC and other control functions to strengthen IT operational processes.
Key experience required
IT Operational Permanent Control (OPC) Assessment
Group Cybersecurity Assessment
IT Audits
Client Due Diligence Questionnaire and Security clauses
The successful candidate will have strong and relevant experience in IT governance and operational risk management in a similar sized organisation.
Knowledge of external certifications and the ability to audit the organisation’s conformance to those standards.
Working experience within ISO 27001/NIST standards
Good level of experience and competency within an IT OPC and Governance environment.
Personal experience of implementing high quality standards (ideally ISO etc.) within an organisation and the ability to drive quality standards through the organisation.
Desirable qualifications
ITIL Life cycle/Capability certification
ISACA Certificate in the Governance of Enterprise IT (CGEIT)
CISA certification
Due to the volume of applications received for positions, it will not be possible to respond to all applications and only applicants who are considered suitable for interview will be contacted.
Proactive Appointments Limited operates as an employment agency and employment business and is an equal opportunities organisation
We take our obligations to protect your personal data very seriously. Any information provided to us will be processed as detailed in our Privacy Notice, a copy of which can be found on our website
Senior IT GRC Analyst
ARC IT Recruitment
London
In office
Senior
£60k - £80k
RECENTLY POSTED
itil
A prestigious financial services organisation in the heart of the City of London is seeking a Senior IT GRC Analyst to join its dynamic team. In this collaborative role, you will support the development and enhancement of IT Governance, Risk, and Compliance (GRC) frameworks, working closely with senior stakeholders, internal IT teams, and third-party partners to manage IT risk and ensure regulatory compliance across the business.
Key Responsibilities:
Governance:
Contributing to the implementation and continuous development of IT GRC frameworks.
Assisting in the review and maintenance of IT GRC documentation.
Assist in the implementation and communication of IT risk and control management frameworks.
Conduct governance reviews in line with agreed schedules and document outcomes.
Maintain documentation for IT risk and control management processes.
Support the preparation and delivery of formal IT GRC reporting.
Risk:
Identifying, assessing, and documenting IT risks.
Supporting IT risk management activities, including the execution of technical IT risk assessments.
Supporting risk owners to define remediation plans and monitor progress on remediation activities.
Manage day-to-day operational and technical IT risks.
Support IT risk owners in identifying and assessing technical IT risks and assist in documenting and tracking remediation plans.
Contribute to formal risk reporting processes within Group IT and to second-line functions.
Assist in the coordination and execution of annual operational risk assessments.
Compliance:
Evaluating compliance with IT control requirements as defined in internal policies and standards.
Supporting periodic reviews and assessments related to IT GRC.
Support IT control compliance activities, including annual reviews and maturity assessments of IT controls.
Assist IT control owners with control self-assessments and attestations to support second-line permanent control checks.
Coordinate IT control attestations across Group IT and with third-party service providers.
Key Skills and Experience:
3-5+ years of experience in Information Security Governance, Risk, and Compliance (GRC), with a focus on IT risk and control management.
Strong analytical skills with the ability to perform technical IT security and operational risk assessments.
High attention to detail, ensuring accuracy in documentation, assessments, and compliance activities.
Strong understanding of information security risk management principles, frameworks (e.g., ISO 27001, NIST), and compliance practices.
Exposure to and understanding of IT infrastructure, business applications, and their associated risks and controls.
Experience collaborating with internal and external audit teams, including supporting audit readiness and evidence gathering.
Proven ability to work effectively across multi-disciplinary, multi-cultural, and geographically dispersed teams.
Excellent written and verbal communication skills, with the ability to convey complex information clearly to both technical and non-technical audiences.
Strong interpersonal and presentation skills, with confidence engaging stakeholders at all levels.
Industry-recognised technical certifications such as ITIL, CISSP, CRISC, or similar are desirable but not essential.
Familiarity with regulatory requirements such as DORA is desirable.
This is a fantastic opportunity to join a highly respected financial services organisation with a collaborative culture and strong commitment to professional growth. You’ll gain exposure to a wide range of GRC activities and enjoy the opportunity to develop your career within a supportive and dynamic environment.
For a full consultation, please contact Arc IT.
Salaries will be based on experience.
Resilience and Crisis Manager - Retail
Lorien
Hertfordshire
In office
Mid
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Resilience and Crisis Manager - Retail - 12 month contract - Inside IR35 - Watford - Hybrid
A global retail organisation is seeking a skilled and experienced Resilience Manager to lead its Crisis Management and Business Continuity programs across international operations. This high-impact role is central to the company’s Enterprise Resilience strategy, ensuring business continuity and effective response to critical incidents.
You’ll be responsible for shaping and executing crisis response strategies, managing operational disruptions, and collaborating with stakeholders to protect and recover core business functions. As a Crisis Management Lead, you’ll play a vital role in guiding the organisation through challenging events with clarity and confidence.
Key Responsibilities
Lead and evolve the global Crisis & Critical Incident Management framework.
Act as a strategic advisor and hands-on leader during major disruptions.
Deliver training, workshops, and simulations to build crisis readiness.
Collaborate with cross-functional teams to minimise loss and accelerate recovery.
What You’ll Bring
Proven experience in crisis management, business continuity, or operational risk.
Strong leadership and stakeholder engagement skills.
Understanding of retail operations and resilience best practices is beneficial.
Join a team that thrives under pressure, protects what matters, and builds resilience for the future.
Carbon60, Lorien & SRG - The Impellam Group STEM Portfolio are acting as an Employment Business in relation to this vacancy.
HR Privacy Lead
Robert Half
London
Hybrid
Leader
£550 - £650
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Data Privacy Consultant - HR Systems / Microsoft Purview
Robert Half International (an S&P 500 global staffing provider) is supporting a leading global risk consulting firm in sourcing an interim Data Privacy Consultant to become an associate on a consulting project. The role will focus on reviewing and strengthening data governance and privacy within HR systems, with specific emphasis on Microsoft Purview.
Role highlights:
Initial 6-month contract (scope to extend)
Hybrid, with 2-3 days a week on-site in London
Day rate £585 PAYE PLUS 12.07% holiday pay a day (PAYE with employer’s NI & Tax deducted at source - unlike umbrella companies and no umbrella company admin fees) + 12.07% holiday pay
Key skills & experience:
Proven track record as a Data Privacy / Governance Consultant within financial services
Hands-on experience with Microsoft Purview for compliance, data classification, and governance
Strong understanding of data protection regulations (UK GDPR, DPA 2018) in HR system contexts
Experience responding to and remediating data breaches, with ability to advise on preventative controls
Skilled at engaging HR, IT, and Compliance stakeholders to embed privacy best practice
Familiarity with broader data governance frameworks and risk management approaches
Additional requirements: Must undergo Verifile financial, criminal, and Right to Work checks before onboarding.
This is an opportunity to play a key role in ensuring data privacy and governance within HR systems, supporting both compliance and operational resilience at a global financial services firm.
Robert Half Ltd acts as an employment business for temporary positions and an employment agency for permanent positions. Robert Half is committed to diversity, equity and inclusion. Suitable candidates with equivalent qualifications and more or less experience can apply. Rates of pay and salary ranges are dependent upon your experience, qualifications and training. If you wish to apply, please read our Privacy Notice describing how we may process, disclose and store your personal data: gb/en/privacy-notice.
Information Governance Lead
Huxley Associates
London
Hybrid
Leader
£80k - £110k
RECENTLY POSTED
c
Information Governance Lead London (records management, data classification)
This is a new and exclusive opportunity for an Information Governance Lead to join a thriving financial banking business in London City as they expand their information governance team. This role is focused on records management and data classification, and there are some very large change and transformation projects in this area next year, so this is a great time to join.
Role details
Information Governance Lead
Permanent role 80,000- 110,000
Salary: permanent role, salary
Location: London City and home working hybrid (50/50)
Employer: investment bank/ financial services
This role sits within an information governance team where the key pillars are data privacy, records management and data classification.
We are looking for an Information Governance Lead who can bring expertise in records management and data classification in particular.
As the Information Governance Lead, you will be delivering technology change, specifically a data classification project and an upcoming records management tooling and policy project.
Key responsibilities include providing expert guidance on data privacy, records management, and data classification, while also promoting awareness and understanding of controls and their strategic value. The role demands strong communication skills to educate and influence stakeholders, and a proactive mindset to challenge existing norms constructively.
This role would suit a professional who is experienced across Information Governance including records management and data classification, who is looking to grow and develop for the long term
We are happy to consider candidates from any background for this role, so you don’t need to bring banking/financial services experience in advance.
Role requirements
Experience in Information Governance including records management and data classification in particular
Ability to work confidently at C Suite, and confidence to work on key change transformation projects
Extensive knowledge of data privacy and records management regulations across EMEA.
Strong understanding of records management, including retention schedules and compliance requirements.
This role is open now for applications
Please do send a CV through to Kimberley Roe for more information.
Good luck!
To find out more about Huxley, please visit (url removed)
Huxley, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
Finance Data Governance Specialist VP
Adecco
London
Hybrid
Mid
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Job title: Finance Data Governance Specialist VP
Location: London/Hybrid
Duration: until 31/03/2026 initially
Adecco is an employment consultancy. We put expertise, energy, and enthusiasm into improving everyone’s chance of being part of the workplace. We respect and appreciate people of all ethnicities, generations, religious beliefs, sexual orientations, gender identities, and more. We do this by showcasing their talents, skills, and unique experience in an inclusive environment that helps them thrive.
The role:
This role is required to support the Finance function in delivering objectives related to the Bank-wide BCBS239 project. The role will require working with stakeholders within Finance to ensure fit-for-purpose data and controls, as we look to leverage best practice across the industry.
Responsibilities:
Solid knowledge and expertise in the use of data governance, data quality, metadata, profiling, analysis, and data management tools.
Responsible for data governance implementation across the Finance domain in line with BCBS239 requirements.
Responsible for the data definition, lineage and governance aspects ‘end to end’ for prioritised Use Cases
Responsible for monitoring changes to business data requirements and ensuring that change and release management activities are executed for the data domains
Contributes to the firm’s objective of meeting industry regulatory expectations with respect to the data governance program as well as establishing processes that generate accurate, complete, timely and reliable data
Work with stakeholders across the Division on the development and implementation of data standards and adoption requirements for EMEA Data
Participates in the various data governance and program forums to advance the robustness of the Bank-wide data governance framework
Collaborates with business, compliance, technology, and other groups to ensure that data related business requirements are clearly defined and communicated as part of initiative prioritisation and planning
Support the investigation of Data Quality Issues, development of remediation plans and recommendations to fix at source
Assist in delivering robust controls and monitoring processes for those controls and providing controls MI to senior management
Ability to establish consistent contact with all teams to provide updates, stay on track and report risks and issues timely with proven ability to quickly earn the trust of sponsors and key stakeholders
Requirements:
Solid knowledge and expertise in data governance, data quality, profiling and analysis
Has a detailed working knowledge of BCBS239 in a Tier 1 / Tier 2 bank
Has experience communicating with senior managers
Understands complicated data structures and calculations required for Finance
Understanding of the Finance Data Domain as well as knowledge of data governance practices, business and technology issues related to management of enterprise data and data related regulatory requirements
Ability to think in an enterprise-wide manner, rather than a siloed or business unit focused fashion
Analytically minded with experience in problem solving and being able to implement and deliver solutions
Strong stakeholder engagement skills to communicate and achieve buy-in from stakeholders across EMEA
Candidates will ideally show evidence of the above in their CV in order to be considered.
Please be advised if you haven’t heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly.
Senior Data Risk Manager
Harnham - Data & Analytics Recruitment
London
Hybrid
Senior
£60k - £80k
RECENTLY POSTED
TECH-AGNOSTIC ROLE
SENIOR DATA RISK MANAGER
£80,000
LONDON - OTHER UK LOCATIONS AVAILABLE
An exciting opportunity has arisen with a growing bank who are looking to add a motivated individual to their risk team. This role offers a chance to own data risk for the bank whilst leading a small team.
THE COMPANY
This company is an exciting challenger bank who are continuing to grow. They offer a range of unique products as part of their lending book and have an excellent team culture. This role offers the chance to gain great exposure across the bank and have a really hands-on role in a close-knit team.
THE ROLE
Manage and support 1LOD teams to ensure strong alignment with data risk
Align Data Risk Management with overall risk framework, industry best practices, and regulatory standards.
Provide second line oversight to ensure data used for financial, legal, and regulatory reporting is accurate, reliable, and secure.
Ensure robust audit controls for data and analytics supporting regulatory reporting.
YOUR SKILLS AND EXPERIENCE
Experience in banking or financial services
Prior experience in data management and implementing data risk frameworks
Background in a second-line, audit role within data risk is desirable
Exposure to data governance, data quality and wider regulations such as BCBS 239
SALARY AND BENEFITS
Up to £80,000 base salary
Pension contribution scheme
Discretionary bonus
Hybrid work model
Private medical care
HOW TO APPLY
Please register your interest by sending your CV to Rosie Walsh through the ‘Apply’ link
Interim Head of Compliance
Grant Thornton
London
Hybrid
Mid
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Who we are
Grant Thornton’s Agile Talent Community is a network of contract professionals, giving you the opportunity to work with our clients alongside Grant Thornton teams on a project-by-project basis whilst being supported by our dedicated Agile Talent team.
Joining us in Regulatory
We help and support clients achieve their strategic goals by guiding them through new legislation changes and helping to navigate accounting, regulatory, technology and operating model change. The world around us is changing and our teams help clients remain agile and adapt to these changes and stay ahead of the competition.
The Regulatory Advisory team, part of Financial Services Advisory (FSA), advises firms of all sizes from right across the financial services industry, on all aspects of UK regulation and how the rules and guidance apply to them. Our list of prestigious clients includes the regulators themselves. Our clients tell us that they greatly appreciate the insights and value we provide.
Joining the Agile Talent Community as an Interim Head of Compliance, you will have the freedom to work on projects that you choose, whether full or part-time within the Regulatory team and support our clients and internal teams on short to medium-term assignments.
Skills we are looking for
Demonstrable compliance experience, gained within the Lloyd’s market.
Deep understanding of UK regulatory frameworks (FCA, PRA, Lloyd’s).
Experience in developing and maintaining compliance frameworks, monitoring plans, and training programs.
Oversight of complaints handling and sanctions screening processes.
Relevant professional certifications.
Comfortable being onsite 4 days a week in London.
What’s in it for you
Development: Your development is important to us and as part of the Agile Talent Community you will be able to work alongside our permanent teams as well as our clients, giving you variety and opportunity to develop new skills. Our team is here to support you, with finding new projects as well as navigating the freelance regulation.
Engagement: As a member of our Community, you will also be invited to events, which can help your wellbeing, educate you about the market you operate in, help you connect with the business as well as other members of the Community.
Doing what’s right ahead of what’s easy
Embracing uniqueness, the culture at Grant Thornton thrives on the contributions of all our people and those who work alongside our teams, we never settle for what is easy, we look beyond to deliver the right thing, for everyone. Building an inclusive culture, where we value difference and respect each other helps everyone to perform at the best of their ability and realize their potential.
How to join
You’ll first apply by sending us your CV. If your skills match what we are looking for, one of our recruiters will get in touch and walk you through the interview process. If there’s interest to continue, we’ll invite you to an interview with some of our key business leads. If successful, the final step will be to complete the onboarding process and background checks.
We strive to ensure all our information, products, and services are accessible to everyone. If you need any adjustments to our processes to help you apply for our roles, please speak to the recruiter during the application process.
Business Continuity Manager
Prime Personnel
London
In office
Mid
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE
A prestigious international bank is seeking a dynamic new addition in this newly created role.
Your responsibilities will include:
Developing/implementing/maintaining an effective Business Continuity Management and Operational Resilience framework across the bank, in line with regulatory requirements
Collaborating with departments to conduct Business Impact Analysis and identify critical processes, resources, and set recovery objectives
Working closely with teams to create, enhance, and update Business Continuity Plans
Coordinating with IT to ensure business recovery objectives and disaster recovery plans meet business needs
Providing detailed reports to senior management on Business Continuity Management and Operational Resilience framework performance
Conducting regular risk assessments and scenario analysis to assess the framework’s effectiveness
Your experience must include:
Demonstrated senior-level experience in Business Continuity Management and Operational Resilience within the banking sector
Strong knowledge of UK regulatory requirements related to Operational Resilience
Exceptional presentation and communication skills for effective interaction at all levels are essential
Proficiency in project management
Preferably, a diverse background encompassing various banking domains such as corporate/wholesale banking, traded and capital markets, and settlements
Please note this role will be working 5 days a week in the London office.
Cyber Security Consultant -AI, CISSP, Risk
Hays Specialist Recruitment Limited
London
Hybrid
Mid
£450 - £495
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Up to £495 per day (Inside IR35)
London / Hybrid (3 days per week onsite)
6 Months
My client is a London-based Insurer who are looking to hire a Cyber Security Consultant with CISSP certification, working knowledge of AI (Artificial Intelligence) and Risk to work on a new AI solution being implemented.
Key Requirements:
Proven experience in Cyber Security as a Cyber Security Analyst / Cyber Security Consultant
Working knowledge of AI (Artificial Intelligence) within IT Security / Info Security / Cyber Security
CISSP / CISM certification
Previous experience of working in a Cloud related environment
Experience of conducting Risk Assessments within a Technology environment
Strong knowledge of Risk Management frameworks (ISO 27005, EBIOS)
Excellent communication skills with ability to translate technical jargon to non-technical audiences
Strong Stakeholder Management skills
Flexible approach towards hybrid working (must be able to commit to 3 days per week onsite each week)
Nice to have:
Familiarity with working within Agile frameworks (SAFe)
Proven experience in the Insurance industry
Immediate availability
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C’s, Privacy Policy and Disclaimers which can be found at hays.co.uk
Cyber Security GRC & Third Party Risk Management Leader
Oliver James
London
Hybrid
Mid
£150k - £160k
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Oliver James are partnered with a globally renowned reinsurance company in their search for a Cyber Security Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) Lead. This role will play a crucial part in strengthening the organisation’s security posture, focusing heavily on vendor risk, regulatory readiness, and cyber governance.
Based in the City of London with a flexible hybrid model (average 4 days on-site), this position carries a package of c£155,000 inclusive of bonus and LTIP and exclusive of exceptional benefits and annual/loyalty bonuses.
Key Responsibilities
**Third-Party Risk Management:** Lead and own the third-party vendor risk assessment process across a portfolio of 100-120 vendors. Review and validate vendor security documentation (e.g., SOC 2, ISO 27001), evaluate control effectiveness, and coordinate remediation efforts for identified gaps. Ensure relevant business stakeholders are informed of potential risks.
**Governance, Risk & Compliance (GRC):** Actively contribute to broader GRC initiatives, including:
Managing GRC platforms and tools (e.g., control catalogues, issue tracking, policy management).
Designing and deploying security awareness programs (e.g., phishing simulations, training content).
Assisting with internal and external audit responses (e.g., NYSDFS, MAS, APRA, Lloyd’s) and regulatory reporting.
Supporting client due diligence processes with robust documentation and communication.
**Security Controls and Collaboration:** Research and interpret both technical and non-technical security controls. Collaborate with infrastructure, engineering, and business teams to ensure appropriate control implementation aligned with organisational security goals.
**Executive Reporting:** Track, prioritise, and report on risk and compliance status, key issues, and mitigation progress to leadership teams.
Key Requirements
Bachelor’s degree in Cyber Security, Information Technology, or a related STEM discipline.
Minimum 7 years’ experience in Information Security GRC, ideally within a large, global enterprise.
Strong understanding of the interplay between Security, Infrastructure, and Engineering teams.
Demonstrated experience with third-party risk management and vendor assessments.
Excellent analytical, communication, and record-keeping skills, with an audit-oriented mindset.
Highly Desirable Experience
Familiarity with TPRM tools (e.g., SecurityScorecard, BitSight, RiskRecon).
Experience working with GRC platforms (e.g., Drata, Vanta, OneTrust).
Previous involvement in regulatory audits across frameworks such as NYSDFS, MAS, APRA, Lloyd’s, etc.
Certifications (Preferred)
CISSP, CISA, CISM, or equivalent professional security certifications.
Service Continuity, Disaster Recovery Specialist, Hybrid
Sanderson
London
Hybrid
Mid
£600 - £750
RECENTLY POSTED
itil
**Risk & Disaster Recovery, Business, Continuity, Service Continuity**
**Leading UK business based in London**
**Up to £750 per day (Umbrella engagement)**
Hybrid working (3 days on site)
Our client, a successful and well known UK business is looking to hire a Risk and Disaster Recovery specialist.
The successful candidate will be responsible for developing and executing an IT disaster recovery (including risk management strategy) for enterprise infrastructure. You will also plan for ongoing maintenance.
You will also ensure our client’s IT infrastructure and services remain resilient and recoverable in the event of disruption.
In-depth expertise in ITIL frameworks is essential. Previous experience in disaster recovery planning and risk management is also essential. The ability to work closely with business, technical and vendor stakeholders.
Engagement via Umbrella Company Only; all taxes & NI deducted at source.
General responsibilities:
Define / maintain IT disaster recovery framework ensuring alignment with business continuity objectives.
Conduct risk assessments of existing infrastructure services enabling identification of mitigation strategies.
Develop and document disaster recovery plans and runbooks.
Manage and run regular Disaster Recovery exercises.
Compliance with ITIL best practices for risk and recovery management.
Collaborate with service owners, dept. heads and vendors to ensure new DR processes are built into future designs.
Advise incident and problem management teams in identifying risk-related root causes.
Advise stakeholders with regular reporting on risk exposure, Disaster Recovery readiness and general performance.
Skills & Experience required:
Proven and in-depth experience in business continuity, IT disaster recovery & risk management leadership.
Strong knowledge of ITIL.
Relevant experience developing and implementing DR plans in large-scale enterprise environments.
Infrastructure resilience and failover strategies.
Ability to engage with senior stakeholders
ITIL v4 certification
Knowledge of regulatory requirements for IT risk and resilience e.g. ISO 22301, ISO 27001
Experience working in highly regulated environments.
Reasonable Adjustments:
Respect and equality are core values to us. We are proud of the diverse and inclusive community we have built, and we welcome applications from people of all backgrounds and perspectives. Our success is driven by our people, united by the spirit of partnership to deliver the best resourcing solutions for our clients.
If you need any help or adjustments during the recruitment process for any reason, please let us know when you apply or talk to the recruiters directly so we can support you.
Business Continuity Manager
Prime Personnel UK
London
In office
Mid
Private salary
RECENTLY POSTED
TECH-AGNOSTIC ROLE
A prestigious international bank is seeking a dynamic new addition in this newly created role.
Your responsibilities will include:
Developing/implementing/maintaining an effective Business Continuity Management and Operational Resilience framework across the bank, in line with regulatory requirements
Collaborating with departments to conduct Business Impact Analysis and identify critical processes, resources, and set recovery objectives
Working closely with teams to create, enhance, and update Business Continuity Plans
Coordinating with IT to ensure business recovery objectives and disaster recovery plans meet business needs
Providing detailed reports to senior management on Business Continuity Management and Operational Resilience framework performance
Conducting regular risk assessments and scenario analysis to assess the framework’s effectiveness
Your experience must include:
Demonstrated senior-level experience in Business Continuity Management and Operational Resilience within the banking sector
Strong knowledge of UK regulatory requirements related to Operational Resilience
Exceptional presentation and communication skills for effective interaction at all levels are essential
Proficiency in project management
Preferably, a diverse background encompassing various banking domains such as corporate/wholesale banking, traded and capital markets, and settlements
Please note this role will be working 5 days a week in the London office.
Data Protection Analyst
auricoe
Multiple locations
Hybrid
Mid
£50k - £57k
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Are you an experienced Data Protection Analyst looking to take full ownership of privacy and data governance in a high-impact, standalone role?
A prestigious financial services and asset finance organisation in London seeks a confident and capable Data Protection Analyst to lead data privacy activity across its Asset Finance & Leasing division. You’ll play a vital role in embedding data protection best practices, ensuring compliance with UK GDPR and other key regulations, and driving a culture of privacy awareness across the business.
What makes this Data Protection role stand out?
Ownership: This is a standalone position within the division, giving you genuine influence and the autonomy to shape and deliver the data protection programme.
Hybrid Flexibility: Enjoy a hybrid working model, with just 2-3 days a week in the London office.
Supportive Environment: Although this is a standalone role, you’ll have 2nd line guidance from Group-level SMEs and the DPO.
Impact: You’ll be a key partner to stakeholders across the business, with visibility at senior levels and the chance to make a lasting impact.
Key Responsibilities - Data Protection Analyst
Lead the execution of divisional data protection activities in alignment with Group policy and governance frameworks.
Ensure compliance with data protection laws (including UK GDPR), internal policies, and data retention and destruction protocols.
Deliver clear, engaging training sessions to enhance awareness and understanding of data protection across the division.
Complete Privacy Impact Assessments (PIAs), support Data Protection Impact Assessments (DPIAs), and contribute to audits.
Respond to Subject Access Requests (SARs) and other privacy-related queries.
Monitor operational and conduct risks, maintain risk logs, and escalate issues to senior management where appropriate.
Partner closely with stakeholders across all three lines of defence to ensure strong, risk-aware governance.
Skills & Experience - Data Protection Consultant
Proven experience in a dedicated data protection role within financial services (NOT ESSENTIAL) or a regulated environment.
Strong understanding of UK data protection laws and regulations (UK GDPR, FCA, CCA, FLA etc.).
Recognised data protection qualification (e.g. CIPP/E, CIPM, BCS or similar).
Experience delivering data protection training and driving cultural change.
Confident stakeholder manager - able to influence, advise and communicate complex privacy issues clearly.
Self-starter, highly organised, and delivery-focused - comfortable working independently.
Why Apply?
This is an exciting opportunity to work in a respected financial institution known for its stability, innovation, and commitment to personal development. You’ll have exposure to senior leadership, the autonomy to shape your role, and access to wide-ranging career progression opportunities across the group.
Ready to shape the future of data protection and privacy in a top-tier bank?
Apply now with your CV and let’s start the conversation.
Information Governance Lead
Michael Page Banking
London
In office
Leader
£90k - £110k
RECENTLY POSTED
TECH-AGNOSTIC ROLE
The Information Governance Lead - VP will work closely with the Director of Information Governance and contribute to the Information Governance strategy across the Bank.
Client Details
This organisation is a well-established Global Corporate and Investment Bank based in the City of London.
Description
Develop and implement comprehensive information governance frameworks and policies.
Ensure compliance with regulatory standards and data protection laws.
Collaborate with the Risk & Compliance department to identify and mitigate information-related risks.
Monitor and assess the effectiveness of governance practices and recommend improvements.
Provide guidance and training to internal teams on information governance best practices.
Support audits and regulatory reviews by preparing and presenting relevant documentation.
Act as a key point of contact for stakeholders on all matters related to information governance.
Stay updated on industry trends and regulatory changes affecting information governance.
Profile
A successful Information Governance Lead should have:
Extensive knowledge of data privacy and records management regulations across EMEA.
Proven experience in developing and implementing IG policies and standards.
Strong understanding of records management, including retention schedules and compliance requirements.
Ability to provide clear, pragmatic advice and conduct risk assessments in large, multinational organisations.
Skilled in drafting and revising policies, procedures, training materials, and guidance documents.
Strong relationship-building skills, with the ability to challenge existing practices constructively.
Experience in identifying process improvements and delivering change initiatives.
Desirable Qualifications:
Professional privacy certification (e.g., IAPP CIPP/E) or equivalent practical experience in privacy programme management.
Professional records management certification or demonstrable experience in managing records programmes.
Job Offer
Competitive salary in the range of £90,000 to £110,000 per annum.
Comprehensive benefits package, including pension and health coverage.
Opportunity to work in a large organisation within the financial services industry.
Engaging and challenging work environment in London.
Scope for professional growth and development in the Data Office
If you are passionate about information governance and are ready to take the next step in your career, we encourage you to apply today.
Information Security Assurance Analyst
Optima Recruitment
Reigate
Hybrid
Mid
£40k - £45k
RECENTLY POSTED
TECH-AGNOSTIC ROLE
Overview:
Our client is looking for an Information Security Assurance Analyst Operations. The aim of this role is the effective operation, reporting and evidencing of their technology and information security control environment and the overall Information Security Management System (ISMS).
Based in Reigate/hybrid - 2 days in the office 3 from home
£40,000 - £45,000
Hybrid
Eligibility for annual bonus, up to 15%
25 days holiday per annum, plus bank holidays
Company pension scheme
Death in service benefit
Employee Assistance Programme
Job specification:
Maintaining and improving our ISMS
Updating ISMS policies, procedures, standards, and guidance
Coordinate and provide necessary support in planning and completing internal ISMS reviews.
Supplier onboarding and annual supplier security assessments
Maintaining and developing our security awareness and education programmes
Analysis of information security alerts and incidents
Report on incidents, risks, threats and vulnerabilities
Scheduling internal and external penetration and vulnerability tests and managing remediation planning
Assist in evaluation of cyber security tools
Manage online ISMS system.
Assist the ISM to deliver Information Security projects
Participate in technology and information security related audits, providing support regarding the collation and supply of evidence to requests.
Ensuring information security controls are evaluated and effective
Identifying ISMS nonconformities
Respond to audit recommendations.
Establish a good working relationship with all internal and external key stakeholders, and third-party vendors.
Create reports on information security projects and activities
Report on information and cyber security incidents
Create ISMS reports based on key metrics
Articulate associated risks in both technical and non-technical terminology.
Support the on-going review process to continually improve and refine the ISMS
Support the ISM in performing targeted information security risk assessments.
Identify risks, incidents, and breaches, in accordance with company policies and department procedures.
Person specification:
Appropriate level of education or professional risk/compliance/Information Security related qualifications
Experience within technology risk management and/or audit function would be beneficial
Experience of working in a regulated environment / awareness of requirements such as GDPR
Experience in the maintenance of a certified ISO27001 Information Security Management System and related controls (ISO27002)
Understanding of technology and information security risk management frameworks
Excellent verbal and communication skills
Excellent team player who can establish strong working relationships
Graduates can be considered if they have a relevant degree
Refer a friend and earn £100! If you have a friend who is also searching for a new opportunity in the local area, recommend Optima and if we place them (providing they complete their 3-month probation period), you will receive a £100 retail voucher of your choice!
Please note that if you have not been contacted within 5 working days, then unfortunately on this occasion your CV has not been shortlisted.
By applying for this vacancy, you accept Optima Recruitment Limited’s Privacy and GDPR Policy which can be found on our website and therefore gives us consent to contact you.
Optima Recruitment Limited are acting as a recruitment agency in relation to this vacancy and are an equal opportunities employer.

Frequently asked questions

What types of Risk & Compliance jobs are listed on Haystack in London?
Haystack features a wide range of Risk & Compliance roles in London, including positions such as Risk Analyst, Compliance Officer, Regulatory Consultant, Internal Auditor, and Data Privacy Specialist.
Do I need specific certifications to apply for Risk & Compliance jobs on Haystack?
While requirements vary by role, common certifications like CISSP, CISA, CRISC, or qualifications in GDPR and financial regulations often enhance your chances. Job listings typically specify required or preferred certifications.
Can I filter Risk & Compliance job listings based on experience level on Haystack?
Yes, Haystack allows you to filter job listings by experience level, including junior, mid-level, and senior positions, helping you find roles that match your career stage.
How often are new Risk & Compliance job opportunities posted in London?
New Risk & Compliance jobs in London are posted regularly on Haystack, often daily, ensuring you have access to the latest opportunities in this field.
Does Haystack provide resources to help with my Risk & Compliance job application?
Yes, Haystack offers career advice, resume tips, and interview preparation resources tailored to IT and Risk & Compliance professionals to help make your application stand out.