Risk & Compliance Lead responsible for designing and implementing risk and compliance frameworks for a SaaS company, collaborating with cross-functional teams to mitigate operational and regulatory risks.
Responsibilities
Own Elliptic’s Risk and Compliance strategy, frameworks, and annual plan
Maintain risk taxonomy, registers, and assessment cadence across business, product, data, third‑party, and operational risks
Facilitate risk identification with domain owners, evaluate inherent/residual risk, and drive treatment plans
Identify applicable obligations and industry standards for a SaaS provider and maintain a single control framework mapped to them
Plan and run a risk‑based assurance programme to test control design and effectiveness
Partner with Platform, SRE, and Security to validate backup, recovery, continuity, and disaster recovery capabilities
Set methodology and thresholds for vendor and product risk, partnering with Procurement, Legal, and Product to embed controls in lifecycle workflows
Coordinate external audits and certifications as needed; ensure our evidence strategy is efficient and reusable
Enable teams through guidance, training, and practical tooling; make compliance easy and transparent
Requirements
Proven ownership of an ERMF or equivalent risk programme in a SaaS or technology business
Designing and operating a unified control framework mapped to multiple obligations or standards
Knowledge of data protection and data governance practices relevant to SaaS
Planning and executing risk‑based assurance and control testing, and managing CAPA to closure
Partnering with engineering and product teams to embed quality and compliance controls into their operations
Clear, concise written communication and executive risk reporting
Strong stakeholder management across technical and non‑technical teams
Nice to have
Experience with ISO 27001, SOC 2, or similar certifications, and familiarity with ISO 9001/22301/14001 as contributing inputs
Exposure to model risk governance or validation practices
Experience with evidence automation or compliance tooling
Benefits
Hybrid working and the option to work from almost anywhere for up to 90 days per year
£500 Remote working budget to set up your home office space
$1,000 Learning & Development budget to use on anything (agreed with your manager) that contributes to your growth and development
Holidays: 25 days of annual leave + bank holidays
An extra day for your birthday
Enhanced parental leave: we provide eligible employees, regardless of gender or whether they become a parent by birth or adoption, 16 weeks fully-paid leave