Head - Governance & Risk Compliance
Likewize
Job Summary
This role involves leading the creation, implementation, and enhancement of the organization's GRC framework, overseeing comprehensive risk assessments, and developing GRC policies to ensure compliance with regulations like GDPR, PCI DSS, and ISO 27001. The Head of GRC will also lead audit processes, collaborate with stakeholders, deliver training, and supervise a team, reporting on KPIs and KRIs to senior management. Likewize is a company that provides device protection, repair, upgrade, and tech support services for major brands, emphasizing innovation and teamwork.
Must Have
- Lead the creation, implementation, and enhancement of the organization's GRC framework.
- Oversee comprehensive risk assessments to identify, analyze, and prioritize risks.
- Develop and implement risk mitigation strategies and report on risk levels to leadership.
- Develop and maintain GRC policies, standards, and procedures.
- Ensure adherence to all applicable laws, regulations (such as GDPR, PCI DSS, ISO 27001, and data privacy laws), and internal standards.
- Lead internal and external audit processes, coordinate with auditors, and manage the resolution of findings.
- Work with internal departments to ensure GRC activities support business goals.
- Serve as a key liaison with external regulatory agencies.
- Develop and deliver training programs to educate employees and stakeholders on GRC principles and policies.
- Supervise and mentor a team, report on KPIs and KRIs (Key Performance Indicators and Key Risk Indicators).
- Present findings and recommendations to senior management and the board of directors.
- Manage the GRC team and oversee specific areas like information security, data privacy, and IT compliance.
Job Description
Key responsibilities
- Strategy and Framework: Lead the creation, implementation, and enhancement of the organization's GRC framework to align with business objectives and industry best practices.
- Risk Management: Oversee comprehensive risk assessments to identify, analyze, and prioritize risks. Develop and implement risk mitigation strategies and report on risk levels to leadership.
- Policy and Compliance: Develop and maintain GRC policies, standards, and procedures. Ensure the company adheres to all applicable laws, regulations (such as GDPR, PCI DSS, ISO 27001, and data privacy laws), and internal standards.
- Audit and Reporting: Lead internal and external audit processes. Coordinate with auditors, prepare documentation, and manage the resolution of findings.
- Stakeholder Collaboration: Work with internal departments to ensure GRC activities support business goals. Serve as a key liaison with external regulatory agencies.
- Training and Awareness: Develop and deliver training programs to educate employees and stakeholders on GRC principles and policies.
- Leadership: Supervise and mentor a team, report on KPIs and KRIs (Key Performance Indicators and Key Risk Indicators), and present findings and recommendations to senior management and the board of directors.
- Program Oversight: Manage the GRC team and oversee specific areas like information security, data privacy, and IT compliance.
Required skills and qualifications
- Strong leadership and management skills.
- Extensive knowledge of risk assessment, policy development, and audit processes.
- Familiarity with a wide range of regulatory requirements, potentially including IT, data privacy, and financial regulations.
- Excellent communication and reporting skills, including the ability to articulate complex topics to both technical and non-technical audiences.
- A strategic mindset with the ability to align GRC initiatives with business objectives.
Are you ready to join Likewize?
At Likewize, we are trusted by many of the world’s biggest brands to look after their customers' tech. When their tech goes wrong, we make it right.
We offer device protection insurance programs, repair services, upgrade and recommerce solutions, and premium tech support.
The tech industry moves fast - but so do we. Innovation and disruption are in our DNA, so we are always challenging convention and looking for ways to do things better and quicker, and to make everything easier for our customers.
Doing that successfully takes trust, teamwork and a knack for making the complicated simple. We’re looking for creative, quick and relentless talent to join the team. Are you one of us?