Senior Governance, Risk & Compliance Manager

About ENSEK

ENSEK builds the cloud‑native SaaS software that’s transforming how energy retailers operate, innovate and manage at scale. We help retailers lower operating costs, improve billing accuracy for consumers, and enhance customer experience through automation and AI‑driven insight, all underpinned by modern, cloud‑native architecture. ENSEK is at an exciting inflection point as we scale at pace towards new international horizons. If you’re driven by solving complex, real‑world problems and want to build modern technology that accelerates the global energy transition, you’ll feel right at home with us.

About the role

The Senior GRC Manager is a pivotal role within the GRC function, operating at the intersection of governance, risk, and quality compliance activities. Reporting directly to the Head of GRC, this role plays a lead part in embedding and sustaining a robust GRC assurance framework across a high-growth SaaS business serving major energy suppliers. With revenues of c.£100m and an ambitious programme of international expansion into the US, APAC, and Europe, the business requires a commercially astute assurance professional who can scale frameworks beyond UK borders. The successful candidate will combine deep expertise in regulatory compliance and risk management with the gravitas to influence senior stakeholders and the agility to operate in a fast-moving technology environment. This is an opportunity to take a lead role in shaping how GRC is delivered across a growing organisation — building capability, driving continuous improvement, and ensuring the business is well positioned for the regulatory and contractual demands of new global markets.

Key responsibilities:

• Governance
  • Support the Head of GRC in developing, implementing and maintaining the organisation’s governance framework to support effective oversight, accountability and decision-making.
  • Oversee co-ordination and management of corporate policies, procedures and standards to ensure consistent and controlled business operations.
  • Promote alignment between governance processes, organisational strategy, ethical standards and business objectives.
• Enterprise Risk
  • Support the Head of GRC in maintaining and developing the enterprise risk management framework across the organisation.
  • Help develop and maintain the enterprise and operational risk registers, identifying emerging risks, and ensuring appropriate mitigations are in place.
  • Identify, assess, prioritise and monitor risks that may impact the organisation’s operations, assets, obligations or strategic objectives.
  • Work with stakeholders to design, implement and monitor effective controls to reduce risk exposure and strengthen organisational resilience.
  • Provide clear and timely risk reporting to senior leadership to support informed decision-making.
• Compliance
  • Maintain the organisation’s compliance framework, ensuring adherence to legal, regulatory, contractual and internal requirements.
  • Monitor changes in relevant legislation, standards, and client contractual requirements, translating these into practical operational controls and policy updates.
  • Support the companies audit lifecycle: scoping, scheduling, fieldwork coordination, findings management, corrective action tracking, and reporting.
  • Lead compliance gap assessments and readiness activity against relevant standards and frameworks, including GDPR, ISO and SOC requirements, where applicable.
  • Support re-certification audits, ensuring the business retains and expands its certification portfolio in line with client and market requirements.
  • Track, report and support the timely remediation of audit findings, control weaknesses and non-conformances.
  • Maintain and develop the organisation’s GRC management systems.
  • Drive a culture of continuous improvement across all certified management systems, embedding assurance disciplines into day-to-day operational practice.
  • Provide management reporting on compliance status, key themes, risks and improvement actions.
  • Maintain and extend the GRC framework to accommodate new jurisdictions as the business enters new markets, adapting to local regulatory environments whilst preserving a coherent global standard.
  • Produce high-quality management information and dashboards that give leadership clear visibility of assurance performance, audit status, and risk exposure.
• Stakeholder Management & Client Assurance
  • Build proportionate trusted relationships with client assurance and procurement teams, providing confidence in the organisation’s governance standards.
  • Support commercial and bid teams by contributing assurance-related content to RFPs, tenders, and due diligence processes.
• Business Management Systems & Reporting
  • Oversee the organisation’s digital GRC platforms, ensuring they are fit for purpose, up to date, and used effectively across the business.
  • Produce high-quality management information and dashboards that give leadership clear visibility of assurance performance, audit status, and risk exposure.
  • Identify and implement improvements to systems and processes that enhance data quality, efficiency, and reporting capability.
• Training & Capability Building
  • Design and deliver GRC training programmes to build awareness and competence across the business.
  • Champion a culture of compliance and continuous improvement, acting as an internal subject-matter expert and ambassador for the GRC function.

Key outcomes:

• Success in this role will be evidenced by:
• A fully maintained and internationally scalable GRC Framework that meets UK regulatory requirements and supports new market entry into the US, APAC, and Europe.
• Retention and expansion of ISO certifications with zero critical non-conformances at surveillance or recertification audits.
• A consistent and positive audit record across client-led, third-party, and regulatory audits, with timely closure of all findings.
• A well-maintained enterprise risk register with clearly evidenced mitigations and a reduction in the frequency and severity of material risk events.
• Strong stakeholder relationships evidenced by positive feedback from audits and compliance activities.
• High-quality, timely management reporting that enables the Senior Leadership Team to make informed decisions on risk and compliance matters.
• A measurable improvement in assurance awareness and competence across the business, evidenced by training completion rates and reduced non-conformance volumes.
• Successful onboarding of global compliance requirements as the business expands, ensuring the organisation is operationally and contractually ready in new markets.

Experience required:

• Significant experience in a Business Assurance, Compliance, Quality, or Risk Management role, ideally within a B2B SaaS or technology-enabled services environment.
• Demonstrable track record of managing end-to-end audit programmes e.g. SOX, SOC, ISO.
• Experience working with large enterprise clients, particularly in regulated sectors such as energy, utilities, or financial services.
• Exposure to international compliance environments, or a strong appetite and ability to build knowledge of US, APAC, and European regulatory frameworks.

Technical Knowledge

• Good working knowledge of SOC, GDPR and, ISO, with hands-on experience of certification and audit management.
• Proficiency in compliance and business management systems, with the ability to evaluate and improve digital tooling.

Skills & Competencies

• Strong written and verbal communication skills, with the ability to distil complex compliance and risk information for senior leadership and non-specialist audiences.
• Strong analytical and problem-solving capability, able to interpret data and draw out meaningful insights that drive business improvement.
• Highly organised with the ability to manage multiple workstreams simultaneously, prioritising effectively in a fast-paced environment.
• Commercial acumen and an understanding of how assurance activities support and protect business value.

Leadership & Influence

• Ability to lead without direct authority, influencing peers and senior stakeholders to embed assurance practices across the organisation.
• Confidence in presenting to senior leadership, chairing workshops and representing the organisation in client-facing audits.
• Comfortable operating in a high-growth, evolving business where processes and frameworks are continuously being developed and refined.

Company Benefits

• 25 days’ holiday + bank holidays
• Option to buy or sell 5 extra annual leave days per year
• Vitality Health Insurance, including private healthcare, virtual GP access, mental‑health support and wellbeing perks (50% off gym memberships - Virgin Active, Nuffield, PureGym)
• Pension with 5% matched contribution
• Regular team‑wide and company‑wide events
• 2 volunteering days per year to give back
• Remote‑first working environment with offices in London and Nottingham