Legal & Compliance Lead (German-speaking) in Ipswich

We are an InsurTech business working with some of Europe's largest and most innovative insurers, combining technology, regulatory expertise, and deep insurance know-how to help clients build, launch, and grow. Our work spans a broad range of challenges across European markets. As we continue to grow, legal and compliance expertise remains a key part of enabling our clients' success and supporting the development of our own business.

We are looking for a mid to senior compliance professional to take end-to-end ownership of our legal, data protection and compliance programme. This is a high-autonomy role spanning DPO, ISO 27001, and legal contract support — working directly with the CEO, CTO, and external counsels in a fast-growing InsurTech. Beyond the core compliance remit, the role also supports the MGA and EU market access function, providing senior compliance input and developing into a regulatory backup over time.

We operate under GDPR, hold ISO 27001 certification, and support a portfolio of 40+ mostly London market insurance brokers and MGAs as a leading provider of post-Brexit EU market access solutions. We are committed to supporting the right candidate in obtaining all required qualifications connected to the role, including company-sponsored support, dedicated study leave and preparation time.

What You'll Do:

• Data Protection & DPO: Serve as the named Data Protection Officer under EU and UK GDPR, maintaining the full compliance programme — including RoPA, privacy notices, lawful basis documentation, retention schedules, DSARs, LIAs, and international transfer assessments. Conduct and review DPIAs for new products, vendors, and processing activities. Own breach response procedures and act as the primary point of contact with relevant data protection supervisory authorities. Monitor AI-related privacy risks and maintain practical AI governance documentation.
• ISO 27001 & Information Security: Lead and maintain the ISO 27001 ISMS, ensuring it remains embedded, effective and audit-ready. Maintain the GRC platform, including control evidence, policy documentation, risk records, and compliance workflows. Own the information security risk register, including risk assessments, mitigation tracking, horizon scanning, and leadership reporting.
• Legal & Contract Support: Draft, review and quality-check commercial, client, vendor, and supplier contracts. Maintain contract templates, legal playbooks, and related repositories. Own contract administration and e-signature workflows.
• Compliance Operations & Reporting: Manage the company-wide compliance training programme, covering data protection, regulatory compliance, AI governance, and role-specific needs. Maintain the compliance incident management framework. Support horizon scanning for legal, regulatory, and compliance developments.
• EU Market Access & MGA Compliance: Work closely with the existing EU market access team to support compliance oversight across the client portfolio. Act as senior compliance escalation point for client queries, regulatory interpretation, and ongoing market access matters.

This is a genuine ownership role. You will hold the DPO appointment, lead the ISO programme, and have a direct line to leadership. For the right person, this is a rare opportunity to own a full compliance and legal function in a fast-growing InsurTech operating at the heart of the regulated insurance world.

About You:

• Fluent in German and English (written and spoken)
• Demonstrated experience in data protection and/or compliance in a regulated environment
• Legal background or strong legal exposure (a Law degree is advantageous)
• A holder or is actively working towards a recognised DPO qualification
• Familiar with ISO 27001 and information security management
• Comfortable with ambiguity and able to work independently across multiple disciplines
• A confident communicator, able to engage credibly with senior stakeholders, clients, and external advisers
• Detail-oriented while maintaining a strong strategic perspective
• Insurance or InsurTech experience is a bonus, but curiosity about the sector matters more

We Offer:

• A small, senior team where your work is visible and your voice is heard
• A clear pathway into a Legal, Compliance & Regulatory leadership position
• The opportunity to be part of a company intentionally building towards an AI-first way of working
• Full support towards required qualifications
• An attractive salary package
• Stock options, so you share directly in KASKO’s long-term success
• Unlimited holiday - you own your time off
• Flexible working hours and the freedom to work from anywhere in the UK or Germany

KASKO is an Equal Opportunity Employer and we value diversity at our company. We do not discriminate based on race, religion, national origin, colour, gender, gender identity or expression, sexual orientation, age, marital or parental status, disability status, or any other characteristic protected by law.