At a Glance
- Tasks: Lead global risk and compliance initiatives, ensuring robust governance and scalable processes.
- Company: Dynamic, entrepreneurial firm listed on the Main Market, focused on growth and innovation.
- Benefits: Competitive salary, professional development opportunities, and a chance to shape global compliance strategies.
- Other info: Join a collaborative team and influence senior stakeholders while driving accountability.
- Why this job: Make a real impact by building a global risk framework in a fast-paced environment.
- Qualifications: 5+ years in risk or compliance, strong analytical skills, and experience with regulatory frameworks.
The predicted salary is between 80000 - 100000 € per year.
We are seeking someone who combines technical depth with commercial judgement.
- 5+ years’ experience in risk, compliance, audit or governance roles within professional services, consulting, technology or a listed environment.
- Strong experience managing risk registers, control frameworks, remediation plans and executive reporting.
- Working knowledge and experience supporting or managing SOC 2, ISO 27001/27002, NIST CSF or similar certification processes.
- Practical understanding and experience of global data protection and supplier risk requirements.
- Experience translating and documenting technical controls and regulatory requirements into operational practice in partnership with technical teams.
- (Desirable) Experience in a fast‑growth or acquisition‑heavy environment.
- (Desirable) Understanding of cybersecurity governance and information security risk management.
- (Desirable) Law or business‑related degree (regulatory legal background advantageous).
- (Desirable) Professional compliance qualification.
- Experience within consulting or professional services.
- Intellectually curious and strategically minded.
- Commercially pragmatic, balancing robust risk management with entrepreneurial growth.
- Comfortable in a fast‑paced, international, high‑growth environment.
- Highly organised and disciplined in documentation and evidence management.
- Strong executive presence with the ability to influence senior stakeholders.
- Motivated by building and scaling processes rather than maintaining the status quo.
What the job involves:
Combining the agility of a challenger firm with the governance standards of a listed company, we are now seeking an ambitious, commercially astute Global Risk & Compliance Lead to build and scale our global risk and compliance capability, working closely with Legal, IT, Operations and senior leadership.
You will be responsible for the end‑to‑end risk and compliance framework for the Group, ensuring governance is robust, commercially pragmatic, audit‑ready and scalable across operating companies and acquisitions. This role offers a genuine opportunity to build and scale a global risk and compliance function within an entrepreneurial, Main Market‑listed environment.
Enterprise Risk, Cyber & Governance: Manage and enhance the Group’s enterprise risk framework, global risk register and full risk lifecycle (identification, mitigation, testing, remediation and reporting). Maintain a Group‑wide consolidated view of strategic, operational, financial, regulatory and cyber risks, including horizon scanning across jurisdictions. Reduce cyber risk exposure and strengthen cybersecurity governance in partnership with the CISO, aligning to global standards e.g. ISO 27001, SOC 2. Contribute to Board, Audit Committee and Annual Report risk disclosures.
Risk & Compliance Operations: Lead the Group’s risk and compliance programme, ensuring controls are well‑designed, operational and scalable, particularly for SOC 2 Type 2 and ISO 27001. Maintain a centralised, audit‑ready evidence repository and coordinate internal/external audits, client reviews and due diligence. Oversee remediation plans and ensure continuous evidence collection. Develop consistent, lightweight playbooks for vendor intake, audit readiness and control testing across operating companies.
Policy, Regulatory & Third‑Party Oversight: Oversee global policies and the full policy lifecycle, ensuring alignment with regulatory and listing obligations. Manage and deliver risk and compliance training, including competency testing where appropriate. Support global data protection compliance (GDPR, CCPA and equivalents) as a data processor/service provider. Own vendor and third‑party risk management, ensuring proportionate due diligence of suppliers, clients and acquisition targets.
Reporting & Stakeholder Leadership: Deliver executive reporting on risk posture, KPIs, exceptions, remediation and audit milestones. Act as the bridge between IT/Security, Legal, HR, Finance, M&A and Operations leadership, driving accountability without a policing approach.
Global Risk and Compliance Lead employer: Deepstreamtech
As a Global Risk and Compliance Lead at our dynamic, Main Market-listed firm, you will thrive in an entrepreneurial environment that values agility and innovation while upholding the highest governance standards. We offer a collaborative work culture that encourages professional growth through continuous learning and development opportunities, alongside competitive benefits that support your well-being. Join us to make a meaningful impact by building and scaling our global risk and compliance capabilities in a fast-paced, international setting.
StudySmarter Expert Advice🤫
We think this is how you could land Global Risk and Compliance Lead
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We can’t underestimate the power of personal connections when it comes to landing that dream job.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their risk and compliance challenges and think about how your experience aligns with their needs. We want you to walk in feeling confident and ready to impress!
✨Tip Number 3
Showcase your expertise during interviews by sharing specific examples of how you've managed risk and compliance in previous roles. We love hearing about real-life scenarios that demonstrate your skills and strategic thinking.
✨Tip Number 4
Don’t forget to follow up after interviews! A quick thank-you email reiterating your interest can keep you top of mind. We believe that a little courtesy goes a long way in making a lasting impression.
We think you need these skills to ace Global Risk and Compliance Lead
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the specific skills and experiences mentioned in the job description. Highlight your 5+ years in risk, compliance, or audit roles, and don’t forget to showcase any relevant certifications like SOC 2 or ISO 27001.
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain how your background aligns with our needs. Talk about your experience in managing risk registers and your understanding of global data protection requirements. Make it personal and engaging!
Showcase Your Achievements:When detailing your experience, focus on achievements rather than just responsibilities. Use metrics where possible to demonstrate how you’ve successfully managed risk frameworks or improved compliance processes in previous roles.
Apply Through Our Website:We encourage you to apply directly through our website for the best chance of being noticed. It’s the easiest way for us to keep track of your application and ensure it gets into the right hands!
How to prepare for a job interview at Deepstreamtech
✨Know Your Stuff
Make sure you brush up on your technical knowledge related to risk management frameworks like SOC 2 and ISO 27001. Be ready to discuss how you've applied these in past roles, especially in a fast-paced environment.
✨Showcase Your Commercial Acumen
Prepare examples that highlight your ability to balance risk management with business growth. Think about times when you've influenced senior stakeholders or made decisions that positively impacted the bottom line.
✨Be Organised and Detail-Oriented
Since this role involves managing documentation and evidence, demonstrate your organisational skills. Bring along examples of how you've maintained audit-ready evidence repositories or managed remediation plans effectively.
✨Communicate Clearly
Practice explaining complex regulatory requirements in simple terms. You might need to translate technical controls into operational practices, so being able to communicate clearly with both technical teams and non-technical stakeholders is key.
