Global Risk and Compliance Lead in London

Elixirr International plc is a Main Market-listed, fast-growing global consulting and digital transformation group operating across the UK, USA, EU and South Africa. Since our IPO in 2020 and move to the Main Market in 2025, we have grown rapidly through organic expansion and strategic acquisitions, helping ambitious organisations turn strategy into measurable, sustainable results.

Combining the agility of a challenger firm with the governance standards of a listed company, we are now seeking an ambitious, commercially astute Global Risk & Compliance Lead to build and scale our global risk and compliance capability, working closely with Legal, IT, Operations and senior leadership.

You will be responsible for the end-to-end risk and compliance framework for the Group, ensuring governance is robust, commercially pragmatic, audit-ready and scalable across operating companies and acquisitions. This role offers a genuine opportunity to build and scale a global risk and compliance function within an entrepreneurial, Main Market-listed environment.

• Manage and enhance the Group’s enterprise risk framework, global risk register and full risk lifecycle (identification, mitigation, testing, remediation and reporting).
• Maintain a Group-wide consolidated view of strategic, operational, financial, regulatory and cyber risks, including horizon scanning across jurisdictions.
• Reduce cyber risk exposure and strengthen cybersecurity governance in partnership with the CISO, aligning to global standards e.g. ISO 27001, SOC 2.
• Contribute to Board, Audit Committee and Annual Report risk disclosures.
• Lead the Group’s risk and compliance programme, ensuring controls are well-designed, operational and scalable, particularly for SOC 2 Type 2 and ISO 27001.
• Maintain a centralised, audit-ready evidence repository and coordinate internal/external audits, client reviews and due diligence.
• Oversee remediation plans and ensure continuous evidence collection.
• Develop consistent, lightweight playbooks for vendor intake, audit readiness and control testing across operating companies.
• Oversee global policies and the full policy lifecycle, ensuring alignment with regulatory and listing obligations.
• Manage and deliver risk and compliance training, including competency testing where appropriate.
• Support global data protection compliance (GDPR, CCPA and equivalents) as a data processor/service provider.
• Own vendor and third-party risk management, ensuring proportionate due diligence of suppliers, clients and acquisition targets.
• Deliver executive reporting on risk posture, KPIs, exceptions, remediation and audit milestones.
• Act as the bridge between IT/Security, Legal, HR, Finance, M&A and Operations leadership, driving accountability without a policing approach.

We are seeking someone who combines technical depth with commercial judgement.

• 5+ years’ experience in risk, compliance, audit or governance roles within professional services, consulting, technology or a listed environment.
• Strong experience managing risk registers, control frameworks, remediation plans and executive reporting.
• Working knowledge and experience supporting or managing SOC 2, ISO 27001/27002, NIST CSF or similar certification processes.
• Practical understanding and experience of global data protection and supplier risk requirements.
• Experience translating and documenting technical controls and regulatory requirements into operational practice in partnership with technical teams.

• Experience in a fast-growth or acquisition-heavy environment.
• Understanding of cybersecurity governance and information security risk management.
• Law or business-related degree (regulatory legal background advantageous).
• Professional compliance qualification.
• Experience within consulting or professional services.

• Intellectually curious and strategically minded.
• Commercially pragmatic, balancing robust risk management with entrepreneurial growth.
• Comfortable in a fast-paced, international, high-growth environment.
• Highly organised and disciplined in documentation and evidence management.
• Strong executive presence with the ability to influence senior stakeholders.
• Motivated by building and scaling processes rather than maintaining the status quo.