Governance, Risk and Compliance Manager
London, England, United Kingdom
Applications have closed
Doctor Care
Access appointments for health advice, treatment or prescriptions from a fully qualified GP or ANP 24/7, 365 days a year.
Are you looking to make a difference? So are we...
Thanks for stopping by! We’re Doctor Care Anywhere: a leading digital platform, with a clear vision to radically transform the future of healthcare – and that all starts with our brilliant team.
From doctors and designers to software developers and marketers – we’re proud of our people, who love working together to enhance patient experiences for the better. It’s why every year, we help over 2 million people speak to a GP by video or phone, anywhere in the world.
Our story started back in 2013, but as we continue to rapidly grow, we’re looking for the very best talent to help us achieve our ambitious goals.
If you’re highly motivated, hard-working and ready to dream big – while having lots of fun at the same time – then we want to hear from you today!
Your new role:
As a GRC Manager, you will work closely with and support the Chief Risk Officer and have input into the scoping and delivery of end-to-end GRC initiatives and projects, to drive compliance and improve standards for our teams, patients and doctors, within Doctor Care Anywhere (DCA) and its subsidiary companies.
Responsible for the delivery and maintenance of compliance activities – ISO 27001 and 9001 requirements, including maintenance of the ISMS. This role will manage the process across the organisation, working closely with all departments and teams and delivering ISO workshops and any required training.
Requirements
- Oversee DCA’s policies, processes and protocols whilst ensuring that they have been documented, reviewed periodically and are easily accessible by staff
- Oversee the implementation and embedment of new policies, processes and procedures across the company
- When required, assist with the development of GRC policies, procedures and frameworks
- Develop an internal control risk management assessment process to test compliance against policy and procedure requirements and principles
- Support organisational compliance / regulations initiatives
- Manage the ISO 27001 and ISO 9001 certifications. Ensure QMS processes are established, implemented, and maintained. Review and plan internal audits.
- Coordinate and manage the ISO audit on an annual basis and for recertification
- Create and maintain documented processes and procedures for governance, risk and compliance
- Lead on the document control process for the organisation including chairing the Document Control Committee
- Apply appropriate due diligence to ensure quality solution designs are produced that are compliant with policy and standards
- Build an evidence repository to enable us to more efficiently provide evidence of compliance to client requirements
- Oversee the management of the complaints process and ensure compliance
- Contribute to the delivery of the GRC annual assurance plan
- Undertake second line ISO/Internal Audit reviews at least annually prior to external audits
- Work closely with the clinical governance team to deliver CQC requirements
Skills
Essential
- Analytical mind with an aptitude for figures and data-driven argumentation; very good Excel skills are a must;
- High-level written communication skills, including but not limited to writing policies, reports, plans and training;
- Strong attention to detail and ability to identify abnormalities by triangulation;
- Problem solving will come naturally to you, with the ability to set priorities, manage multiple deadlines and effectively deliver tasks and processes on time;
- You will be able to work both autonomously, and effectively contribute to a team;
- Highly computer literate (Microsoft and business applications) with the ability to quickly become familiar with new systems / programs.
Desirable
- Demonstrated experience in implementing and reviewing policies, plans and procedures;
Experience
- Experience of ISMS production and delivery as part of an ISO 27001 certified programme
- Experience of managing client/business partner security assurance programmes
- Recent experience of working in a similar capacity in a healthcare or insurance environment
- Excellent interpersonal skills, comfortable working at all levels within an organisation and in a wide variety of situations
- Relevant industry certification (e.g. ISO 27001 Lead Auditor, CISSP, CISM, etc.) desirable
- Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively
Benefits
Why you want to work here:
We understand the importance of good health and happiness for our patients, and for our team it is just the same. As a member of our team, you should expect to be supported and valued, and to have the freedom to make the most of your role and career with us! When you’re part of the team you will have access to:
- Free Private Medical Insurance (savings on vision and dental care plus 40% off Nuffield Health gym membership)
- Doctor Care Anywhere subscription for you + 5 members of your friends or family
- Company bonus
- 25 days holiday + bank holidays
- 4 x charity days a year
- Enhanced Maternity and Paternity pay
- Life Assurance
- Bike2Work scheme
- Cross-team collaboration opportunities in an autonomous environment
- Remote / Flexible Working with contribution towards home set up and your laptop provided
- Range of Development opportunities including learning and progression
- Pool Table, PlayStation and karaoke machine
- Beer Fridge Fridays / Free fruit + snacks
Tags: Audits CISM CISSP Compliance Governance ISMS ISO 27001 Risk management
Perks/benefits: Career development Fitness / gym Flex hours Flex vacation Gear Health care Parental leave Salary bonus Team events