Governance, Risk
2 weeks ago
Job Title: Governance, Risk & Compliance Director
Team: CKG EMEACA
Responsible for:
Responsible to: EMEACA Managing Director & CKG Head of Infrastructure
Company Overview:
The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics., its sister company in the UK, and Constellation Kidney Group (Canada), are all members of the Constellation Kidney Group. Clinical Computing, Mediqal Health Informatics and Constellation Kidney Group (Canada) all provide Electronic Medical Record (EMR) solutions called Clinical Vision, eMed Renal, and Renal Insight, respectively. These are designed specifically for the renal market and the management of clinical records for CKD, ESRD and transplant patients. Clinical Computing and Constellation Kidney Group (Canada are ISO 13485 Medical Device certified organizations. These companies operate in the UK, EU, Canada, Australia, New Zealand and the USA.
Job Overview:
We seek an information security and compliance leader to achieve our company’s data security and compliance objectives. This work encompasses the management of security controls (ISO 27001 and SOC 2) our QMS ISO 13485 contract assessments, and enterprise best practices. This unique opportunity is perfect for individuals who want to build on their cyber security and governance experience, are passionate about compliance, and want to make an impact in the company. You will direct, manage, and provide leadership for the organization’s information security and compliance program. This includes developing, implementing, and maintaining an information security and quality management program that meets or exceeds the requirements of industry regulations, standards, policies, and legal requirements.
Salary will be dependent on experience and qualifications.
This role requires attendance at a meeting in London monthly on an ad hoc basis.
International travel will be required.
This is a UK based role, therefore, you must be a resident in the UK.
Key Responsibilities:
ISO 13485 Quality Management System (QMS)
- Act as management representative, maintaining compliance with ISO 13485, including responsibility for successful internal and external audits.
- Ensure QMS processes are defined, documented, implemented, and maintained.
- Maintain the integrity of the QMS when changes are planned and implemented.
- Report to top management on the effectiveness of the QMS and any need for improvement.
- Ensure the promotion and awareness of regulatory and QMS requirements throughout the organization.
- Also act as a regulatory correspondent and document controller.
- Complete significant change reviews.
Information Security Management System (ISO 27001)
- Act as information security manager, responsible for the processes, documentation, practices, and certification of ISO27001, including the management of internal and external audits across our markets.
Overall responsibility for all compliance and information security matters, including routine items such as the NHS DSPT Toolkit and completing ad-hoc customer questionnaires as required.
Lead yearly certification of Cyber Essentials and Cyber Essentials Plus
Act as privacy officer for the region, develop, implement, and oversee compliance with privacy legislation, including handling challenges or complaints.
Other duties as assigned
Develops, maintains, and communicates the organization’s information security policy and procedures
Evaluate new or updated industry regulations to ensure continued compliance
Enforces information security controls and investigates/responds to information security incidents
Reporting on the performance of the information security management system to top management
SOC 2 compliance for CKG USA. Initially, start with SOC 2 Type I and then complete SOC 2 Type II
Incident response planning and testing
Disaster recovery planning and testing
Responsible for network and application penetration testing
Maintain security and compliance metrics
Maintain and manage our information security and compliance tool Vanta.
Other duties as assigned
Qualifications Required:
Essential
- A bachelor’s degree or equivalent qualification in information security, computer science, or related field.
- Are you well-versed in industry regulations and can translate complex security concepts into layman’s terms.
- Certifications (preferred): CISSP, CISM, CRISC, CISA, CEH
- Experience Required
Essential
- ISO 27001
- SOC 2
- Detail-oriented with the ability to see the “big picture”
- Thorough knowledge of information security and compliance concepts
- Working knowledge of industry-leading information security tools and technologies
- Ability to work independently and manage multiple priorities simultaneously
Desirable
- In-depth knowledge of at least one major regulatory framework (e.g. HIPAA, SOC 2, ISO 27001, etc.)
- Certifications in information security or compliance (CISSP, CISM, CRISC, CISA, CEH)
- Experience leading security teams for financial, retail, healthcare, small business, education, etc.
- Interest in emerging technologies related to information security and compliance
What You Can Expect From Us
- 25 days’ annual leave (increasing with length of service) plus bank holidays
- Company profit share bonus scheme
- Annual salary reviews, based on individual performance
- Professional Development by e-learning, and contribution to course with accredited certification
- Enhanced Maternity and Paternity pay
- Access to our retail discounts platform
- Employee Assistance Programme with 24/7 support
- Private Medical Insurance
- Health Cash Plan
- Company Sick Pay
- Purchase Holiday Scheme
- Group Pension Scheme with salary sacrifice
- Life Assurance
- Refer a Friend scheme
- Cycle to Work scheme
Diversity within the workplace
At CCL / MHI we are pleased to say we create a diverse and inclusive work environment. We are an equal opportunity employer, and we actively encourage all individuals to express themselves and to achieve their full potential.
As a company, we continuously strive to outreach to individuals of all backgrounds and identities. We do not discriminate against applicants based on gender identity, race, national and ethnic origin, religion, pregnancy, age, sexual orientation, and/or mental or physical disabilities.
If you have a disability, such as dyslexia or a medical condition which you believe may affect your performance during any aspect of our selection process, we will be happy to make reasonable adjustments to enable you to complete the process to your best ability.
By prioritising employee wellbeing, experience, recognition, and development, we are instrumental in attracting, nurturing, and retaining top talent that contributes to CCL & MHI's and Canada's success and growth. Apply now to be part of a team that offers career development opportunities and highly values innovation, creativity, responsiveness, and excellence.
-
Governance Risk Manager
2 weeks ago
Eastern England, United Kingdom Edenbrook Full timeNew Governance and Risk Management OpportunityEdenbrook is seeking a seasoned Governance and Risk Manager to join its People Governance & Risk team. As a key member, you will report directly to the Head of People Governance & Risk and play a pivotal role in delivering governance and risk activities across the Insurance and Functions People team.Key...
-
Governance Manager
2 weeks ago
England,, UK, United Kingdom Edenbrook Full timeNew Governance and Risk Manager opportunity working with a leading global health insurer. You will become a key member within the People Governance & Risk team reporting into the Head of People Governance & Risk, and support the delivery of governance and risk activities across the Insurance and Functions People team. You will implement sound governance and...
-
Regulatory Risk governance manager
2 weeks ago
England, United Kingdom Clinical Computing Full timeJob Title: Governance, Risk & Compliance Director The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics., Clinical Computing, Mediqal Health Informatics and Constellation Kidney Group (Canada) all provide Electronic Medical Record (EMR) solutions...
-
Regulatory Risk governance manager
2 weeks ago
England, United Kingdom Clinical Computing Full timeJob Title: Governance, Risk & Compliance Director The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics., Clinical Computing, Mediqal Health Informatics and Constellation Kidney Group (Canada) all provide Electronic Medical Record (EMR) solutions...
-
Regulatory Risk governance manager
1 week ago
England, United Kingdom Clinical Computing Full timeJob Title: Governance, Risk & Compliance Director The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics., Clinical Computing, Mediqal Health Informatics and Constellation Kidney Group (Canada) all provide Electronic Medical Record (EMR) solutions...
-
Director of Finance and Governance
2 months ago
England,, UK, United Kingdom DiverseJobsMatter Full timeJob DescriptionWe are the independent charity that cares for the world’s greatest Shakespeare heritage sites in the Shakespeare’s home town of Stratford-upon-Avon. It is the global centre for learning about and experiencing the works, life and times of the world’s best-known writer. Through the five historic Shakespeare family homes, internationally...
-
Compliance and Governance Analyst
2 weeks ago
England, United Kingdom Hedron Network Full timeCompliance and Governance Analyst Location: Leeds Salary: £Negotiable + Benefits We’re expanding our Compliance and Operations team in London or Leeds to continue to support our businesses in the most effective way. Your primary focus will be to manage the regulatory compliance and operational frameworks that contribute towards robust governance...
-
Compliance and Governance Analyst
1 month ago
England, United Kingdom Brown & Brown Europe Full timeCompliance and Governance Analyst Location: LeedsSalary: £Negotiable + BenefitsWe’re expanding our Compliance and Operations team in Leeds to continue to support our businesses in the most effective way.Your primary focus will be to manage the regulatory compliance and operational frameworks that contribute towards robust governance across the business....
-
Compliance and Governance Analyst
3 weeks ago
England, United Kingdom Hedron Network Full timeCompliance and Governance Analyst Location: LeedsSalary: £Negotiable + BenefitsWe’re expanding our Compliance and Operations team in London or Leeds to continue to support our businesses in the most effective way.Your primary focus will be to manage the regulatory compliance and operational frameworks that contribute towards robust governance across the...
-
Compliance and Governance Analyst
4 weeks ago
England, United Kingdom Brown & Brown Europe Full timeCompliance and Governance Analyst Location: LeedsSalary: £Negotiable + BenefitsWe’re expanding our Compliance and Operations team in London or Leeds to continue to support our businesses in the most effective way.Your primary focus will be to manage the regulatory compliance and operational frameworks that contribute towards robust governance across the...
-
Compliance and Governance Analyst
3 weeks ago
England,, UK, United Kingdom Hedron Network Full timeCompliance and Governance Analyst Location: LeedsSalary: £Negotiable + BenefitsWe’re expanding our Compliance and Operations team in London or Leeds to continue to support our businesses in the most effective way.Your primary focus will be to manage the regulatory compliance and operational frameworks that contribute towards robust governance across the...
-
Governance, Risk
2 weeks ago
England, United Kingdom Clinical Computing Full timeJob Title: Governance, Risk & Compliance Director Team: CKG EMEACA Responsible for: Responsible to: EMEACA Managing Director & CKG Head of Infrastructure Company Overview: The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics., its sister...
-
Governance, Risk
1 week ago
England, United Kingdom Clinical Computing Full timeJob Title: Governance, Risk & Compliance Director Team: CKG EMEACA Responsible for: Responsible to: EMEACA Managing Director & CKG Head of Infrastructure Company Overview: The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics., its sister company...
-
Governance, Risk
2 weeks ago
England, United Kingdom Clinical Computing Full timeJob Title: Governance, Risk & Compliance Director Team: CKG EMEACA Responsible for: Responsible to: EMEACA Managing Director & CKG Head of Infrastructure Company Overview: The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics., its sister...
-
Governance, Risk
1 week ago
England, United Kingdom Clinical Computing Full timeJob Title: Governance, Risk & Compliance Director Team: CKG EMEACA Responsible for: Responsible to: EMEACA Managing Director & CKG Head of Infrastructure Company Overview: The Constellation Kidney Group is the global leader in dialysis care software and technology services. Clinical Computing, along with Mediqal Health Informatics.,...
-
Information Security Analyst
4 days ago
London, England, United Kingdom Trustpilot Full timeOur vision is to be the universal symbol of trust, bringing consumers and businesses together through reviews. We are well on our way — but there’s still an exciting journey ahead. Join us at the heart of trust. We are seeking a mid-level Governance, Risk and Compliance analyst, working in our Information Security Team, to enable us to continue to...
-
Field Risk Analyst
4 weeks ago
England, United Kingdom BlueVoyant Full timeROC Risk Analyst I Location: United Kingdom Produce formatted reports for clients to help them understand cyber risk profiles of specific networks. Assist in discovery, analysis and tracking of advanced cyber threats. Identify and correlate adversary tactics, techniques, and procedures (TTPs) across a range of raw data sources from host to internet....
-
Field Risk Analyst
4 weeks ago
England, United Kingdom BlueVoyant Full timeROC Risk Analyst I Location: United Kingdom Produce formatted reports for clients to help them understand cyber risk profiles of specific networks. Assist in discovery, analysis and tracking of advanced cyber threats. Identify and correlate adversary tactics, techniques, and procedures (TTPs) across a range of raw data sources from host to internet....
-
Field Risk Analyst
1 month ago
England, United Kingdom BlueVoyant Full timeROC Risk Analyst I Location: United Kingdom Produce formatted reports for clients to help them understand cyber risk profiles of specific networks. Assist in discovery, analysis and tracking of advanced cyber threats. Identify and correlate adversary tactics, techniques, and procedures (TTPs) across a range of raw data sources from host to internet....
-
Technology Resilience Risk Manager
1 month ago
England, United Kingdom Nationwide Building Society Full timeAt the same time we are investing in the Operational Risk Oversight team in the second line of defence. Nationwide has a vast Technology estate and continually upgrading and investigating the benefits of introducing new technology, but our focus is always on improving technology to ensure member services are resilient and available when our member want to...
