
Conscia

Risk & Compliance Manager

Portsmouth
Posted 2 days ago

Risk and Compliance Manager

  • Job Type: Permanent
  • Hours of Work: Full-time
  • Location: Hybrid/remote with access to our office locations in Abingdon, Portchester and Wootton Bassett
  • Department: Finance
  • Reporting to: CFO

About Conscia

Conscia is a leading provider of cybersecurity, networking, hybrid cloud, and observability solutions for mission-critical IT infrastructure in large European organisations. Conscia’s experts design, implement, and run innovative, customised IT solutions across cybersecurity, networking, hybrid cloud, and observability, supporting customers throughout their technology lifecycles. Founded in 2003, Conscia is owned by private equity investor Nordic Capital. With around 1,500 employees, Conscia serves large organisations in finance, healthcare, manufacturing, utilities, retail, and the public sector from offices in Belgium, Denmark, Finland, Germany, Ireland, Norway, Slovenia, Sweden, the Netherlands, and the UK.

People and Culture

We believe our company culture is part of what makes us special: it’s part of what people love about working here. We’re dedicated to nurturing a positive and inclusive culture, ensuring people can bring their whole selves to work each day. Our goal is to foster an environment where everyone feels valued, heard, and supported, and where they can thrive and succeed. This is reflected in our company values: Inspire Trust, Commit to Collaborate, Deliver on Promise, Learn for Life, and Embrace Sustainable Change.


About the Role

The Risk and Compliance Manager is a newly established role reporting to the CFO. This position is responsible for establishing, maintaining, and continually improving the organisation’s governance, risk management, and compliance framework. The role ensures the business operates in accordance with legal, regulatory, contractual, and certification requirements while supporting commercial objectives and safeguarding the organisation from operational, financial, legal, and reputational risks.

The Risk and Compliance Manager acts as the primary point of coordination for:

  • Corporate governance
  • Contractual risk management
  • Information security compliance
  • Quality management
  • Environmental management
  • Supplier assurance
  • Policy development
  • Business continuity planning

Working closely with senior leadership, legal advisers, customers, suppliers, and external auditors, the role holder provides pragmatic advice and oversight to ensure risks are identified, assessed, mitigated, and managed effectively.


Responsibilities

Governance and Risk Management

  • Maintain and develop the organisation’s enterprise risk management framework.
  • Own and maintain the corporate risk register and associated mitigation plans.
  • Identify emerging legal, regulatory, commercial, and operational risks.
  • Provide risk reporting, analysis, and recommendations to the Leadership Team and Board.
  • Support strategic decision-making through risk assessment and governance reviews.
  • Lead internal governance reviews and compliance monitoring activities.
  • Develop and maintain governance policies, procedures, and controls.

Compliance Management

  • Ensure compliance with applicable legislation, regulations, and industry standards.
  • Maintain legal and regulatory compliance registers.
  • Monitor changes in legislation and assess organisational impacts.
  • Coordinate responses to customer compliance questionnaires, audits, and due diligence requests.
  • Manage corrective actions arising from audits, incidents, or compliance reviews.
  • Develop and deliver compliance awareness initiatives across the business.

Information Security and Data Protection

  • Own compliance with ISO 27001 and associated information security controls.
  • Coordinate information security governance activities with internal and external stakeholders.
  • Maintain policies and procedures relating to information security and data protection.
  • Own GDPR compliance activities, including supplier due diligence, contractual reviews, and incident management.
  • Coordinate security-related customer requirements and assurance activities.

Quality and Environmental Management

  • Manage the Integrated Management System (IMS).
  • Maintain certification against ISO 9001, ISO 14001, and ISO 27001.
  • Coordinate certification audits and surveillance visits.
  • Lead internal audit programmes and management review activities.
  • Manage non-conformities, corrective actions, and continual improvement initiatives.
  • Maintain organisational objectives, monitoring programmes, and performance reporting.

Contractual and Commercial Risk

  • Review customer, supplier, and partner contracts to identify and mitigate risk.
  • Provide contractual and commercial guidance to sales, procurement, and operational teams.
  • Own negotiations relating to liability, indemnities, service levels, data protection, and regulatory obligations.
  • Maintain contract governance processes and contract management frameworks.
  • Oversee contractual compliance obligations throughout contract lifecycles.
  • Own dispute resolution and contractual issue management.

Supplier Assurance and Procurement Governance

  • Develop and maintain supplier assurance and onboarding processes.
  • Conduct supplier risk assessments covering security, compliance, financial stability, and business continuity.
  • Maintain approved supplier records and assurance documentation.
  • Own procurement governance and due diligence activities.
  • Monitor critical supplier performance and compliance.

Business Continuity and Resilience

  • Maintain the Business Continuity Management framework.
  • Coordinate business impact assessments and continuity planning activities.
  • Develop and maintain business continuity and disaster recovery plans.
  • Coordinate testing and exercising programmes.
  • Own incident response and organisational resilience initiatives.

Corporate Governance

  • Maintain corporate policies and organisational procedures.
  • Own company secretarial and governance activities as required.
  • Coordinate insurance renewals and risk disclosures.
  • Manage governance requirements arising from acquisitions, restructures, and organisational change.
  • Maintain organisational records and document control processes.

Audit and Assurance

  • Lead internal audit planning and execution.
  • Coordinate external certification and customer audits.
  • Track audit findings and corrective actions.
  • Produce management reports and compliance metrics.
  • Support assurance activities across all operational functions.

Stakeholder Management

  • Act as a trusted advisor to senior management on risk and compliance matters.
  • Engage with customers, suppliers, auditors, certification bodies, and regulatory stakeholders.
  • Own bid and tender responses relating to governance, compliance, and assurance requirements.
  • Promote a positive culture of compliance and continuous improvement throughout the organisation.

Requirements

Essential

  • Significant experience in risk, compliance, governance, legal operations, or business assurance within a technology, managed services, telecommunications, or professional services environment.
  • Proven experience managing integrated management systems, including ISO 9001, ISO 14001, and ISO 27001, together with internal and external audit programmes.
  • Experience reviewing, negotiating, and managing commercial contracts, contractual risk, and liability provisions.
  • Experience developing and maintaining governance frameworks, risk registers, policies, procedures, and internal controls.
  • Experience managing supplier assurance, due diligence, and third-party risk management programmes.
  • Working knowledge of information security, UK GDPR, data protection, business continuity, and organisational resilience practices.
  • Strong understanding of risk management principles, quality management systems, and continual improvement methodologies.
  • Knowledge of public sector procurement frameworks and compliance requirements.
  • Strong analytical, problem-solving, and risk-based decision-making skills with excellent commercial awareness.
  • Excellent written and verbal communication skills, including policy drafting and the ability to influence stakeholders at all levels.
  • Ability to interpret complex legal, contractual, and regulatory documentation and translate requirements into practical business controls.
  • Highly organised, self-motivated, and able to manage multiple priorities with minimal supervision while maintaining strong attention to detail.

Nice to have

  • Degree or equivalent professional experience.
  • Internal Auditor or Lead Auditor qualification in one or more of ISO 9001, ISO 14001, or ISO 27001.
  • Risk Management qualification (IRM or equivalent).
  • Data Protection qualification (IAPP, BCS, or equivalent).
  • PRINCE2, MSP, or similar project/programme management qualification.
  • Membership of a recognised compliance, governance, or risk management professional body.

Benefits

We constantly review our benefits package to support our employees effectively. Our current benefits package includes:

  • 25 days of annual leave, plus bank holidays; a buy/sell holiday scheme, allowing you to buy/sell up to 5 days each year.
  • A day off on your birthday.
  • Flexible working.
  • Up to 40 days of occupational sick pay.
  • Life assurance.
  • Private healthcare.
  • Electric vehicle lease scheme.
  • Bicycle purchase scheme.
  • Enhanced maternity and paternity pay.
  • Voucher rewards through YuLife.
  • A positive and supportive culture to help you bring your best self to work.
  • Ongoing support for your professional development.

Skills

Risk Management
Compliance Management
Governance Frameworks
ISO 9001
ISO 14001
ISO 27001
Contract Negotiation
UK GDPR
Supplier Assurance
Internal Auditing
Business Continuity Planning
Stakeholder Management
Data Protection
Regulatory Compliance
Commercial Awareness
Policy Drafting

Location

Portsmouth, England, United Kingdom
