Strategic Governance, Risk & Compliance Leader

Who are we? South Western Railway (SWR) operates over 1,500 services each weekday across the network and employs more than 5,000 people. We provide easy and convenient mobility, connecting people and communities in South West London, southern counties of England, and the Isle of Wight. Join our team and help us continue to bring people together to get the most out of life.

About the job

To lead SWRL's integrated governance framework, ensuring that the organisation operates with transparency, accountability, and resilience. This role oversees compliance, risk management, assurance, insurance and claims, and data protection functions-embedding public value, legal compliance, and organisational learning across all levels. The postholder is a strategic leader, supporting executive governance and providing independent assurance to the Audit & Risk Committee.

Your main responsibilities will be:

• Governance Strategy & Leadership
  • Design and implement SWRL's integrated governance framework, encompassing compliance, risk management, internal audit, and insurance & claims.
  • Lead cross-functional alignment to ensure these areas support SWRL's strategic priorities, public accountability, and regulatory obligations.
  • Set standards for integrity, transparency, and learning across the organisation, embedding governance into everyday decision-making.
• Compliance and Privacy Oversight
  • Ensure compliance policies and procedures are maintained, relevant, and applied consistently across the business.
  • Monitor legal and regulatory developments (e.g. transport, data, procurement, safety) and advise on implications for SWRL.
  • Support investigations and corrective actions for compliance breaches, liaising with legal and HR functions where appropriate.
  • Oversee the delivery of compliance risk assessments and mandatory training programmes.
  • Provide strategic oversight of the Data Protection Officer and SWRL's data protection framework, including compliance with UK GDPR, DPA 2018, and PECR.
  • Oversee privacy risk assessments (DPIAs), breach investigations, and data subject access processes in partnership with the DPO.
• Enterprise Risk Management
  • Sponsor the development and maintenance of strategic and operational risk registers, ensuring robust ownership and mitigation.
  • Promote risk-informed decision-making at executive and programme levels.
  • Integrate risk practices into annual planning, performance management, and procurement strategies.
  • Chair risk review forums and oversee board-level and Audit & Risk Committee reporting on top risks and emerging threats.
• Internal Audit Coordination
  • Ensure the independence and effectiveness of SWRL's Internal Audit function.
  • Approve the annual audit plan and facilitate responses to audit findings and recommendations.
  • Support external audit processes and periodic quality assessments.
  • Promote continuous improvement through assurance insights and post-incident learnings.
• Insurance & Claims Management
  • Ensure SWRL's insurance portfolio provides appropriate coverage and risk transfer aligned to operational exposures.
  • Oversee claims handling processes for passenger, employee, property, and third-party incidents, ensuring fairness, efficiency, and value for money.
  • Monitor claims trends and ensure insurance intelligence feeds into risk and safety planning.
  • Support negotiation and renewal of policies in collaboration with brokers and finance colleagues.
• Reporting & Stakeholder Engagement
  • Deliver clear, concise governance reporting to the Executive Team and Audit & Risk Committee, including dashboards, trends, and escalated risks.
  • Act as the senior liaison with regulators, auditors, insurers, and oversight bodies (e.g. ORR, NAO, DfT).
  • Represent SWRL in public sector governance networks and cross-agency collaboration forums.
• Culture, Capability & Integration
  • Build team capacity across the four functional areas, including succession planning, cross training, and professional development.
  • Promote a culture of proactive reporting, collaborative problem solving, and ethical conduct.
  • Champion integration of governance disciplines to avoid silos and duplication-particularly through assurance mapping, policy harmonisation, and shared insights.

You'll need:

• Proven leadership experience across multiple governance disciplines (compliance, risk, audit, insurance).
• Post-holder must have a clear track record of maintaining functional independence across audit, compliance, and risk.
• Working knowledge of UK GDPR, DPA 2018, public sector governance standards (Managing Public Money, Orange Book, GovS Functional Standards), needs to be able to apply external benchmarking and public sector best practice to drive maturity and continuous improvement.
• Strong strategic thinking, influencing, and communication skills, a focus on ethical leadership and public service values as key to embedding integrity across governance structures.
• Experience engaging with boards, regulators, and senior stakeholders, demonstrated experience designing or embedding governance structures that protect audit independence and ensure appropriate escalation.

It would be beneficial if you have:

• Professional qualifications in governance, risk, audit, or law (e.g. IRM, CIPFA, CMIIA, CII).
• Experience in transport, infrastructure, or safety critical public services.
• Familiarity with regulatory bodies such as ORR, HSE, ICO, and DfT.

Working pattern

You will work an average of 37 hours across 5 days per week.

The Reward

In return we offer a competitive salary and a variety of valuable benefits, including:

• Free duty and leisure travel on SWR services for employees
• Free leisure travel for spouse/partner and dependants (criteria dependent)
• 75% discount on many other train operating companies
• Full training and support with development
• Excellent pension scheme

We all belong at SWR. Our vision is to provide an inclusive environment for all colleagues, ensuring all candidates have an equal opportunity to access meaningful employment. We value our differences such as age, gender, LGBTQIA+, ethnicity, religion, and disability. We maintain a zero tolerance towards any form of prejudice towards our colleagues, customers, and future talent. We celebrate and encourage diversity of thought, progressive ways of working and seeing all our colleagues grow and thrive. If you require additional support to complete your application due to a disability or neurodivergent condition, for example, dyslexia, dyspraxia, or autism, please follow the links below. We encourage you to share any additional needs you may require so we can provide a fair and equal process for all who apply.