PLEASE READ THE FULL JD BEFORE APPLYING. INCOMPLETE APPLICATIONS MAY NOT BE CONSIDERED.Location: RemoteWorking Pattern: Fractional / Part-TimeReporting To: General CounselAbout the OpportunityOur client is an emerging technology company developing advanced AI-driven cyber intelligence and risk management solutions for regulated industries.As the business continues to scale and expand into new markets, they are seeking a Privacy & Compliance Lead to support the development and operation of their privacy, compliance, governance, and legal operations functions.This is a substantive individual contributor role offering significant ownership and responsibility across privacy, compliance, governance, and operational legal matters.Working closely with the General Counsel, you will help build and maintain scalable compliance processes that support a growing international technology business.This opportunity is best suited to professionals who are comfortable contributing within an early-stage environment where engagement structures evolve alongside company growth.Application Process & Qualifying QuestionsPlease include your responses to the following questions within the same document as your CV:1. Experience: How many years of experience do you have working in privacy, compliance, legal operations, regulatory affairs, or related functions?2. GDPR & Privacy Operations: Please briefly describe your experience managing GDPR compliance activities, including any involvement with: Records of Processing Activities (RoPA); Data Protection Impact Assessments (DPIAs); Data Subject Rights Requests; Data Processing Agreements (DPAs)3. Industry Background: Have you worked within a SaaS, technology, cybersecurity, fintech, financial services, or other regulated environment? If yes, please provide details.4. Certifications: Do you hold any privacy, compliance, legal operations, or governance certifications (e.g. CIPP/E, CIPM, CIPT, ISO 27001, SOC 2, etc.)?5. Working Style: Are you comfortable working within a fractional, remote-first environment where you will be expected to operate independently and manage your own priorities?Applications submitted without responses to the above questions may not be reviewed.Key ResponsibilitiesCompliance Programme ManagementSupport the day-to-day operation of the compliance programmeMaintain compliance calendars, risk registers, and internal policy librariesMonitor regulatory developments across relevant UK, EU, and international frameworksPrepare compliance briefings and management updatesCoordinate compliance training and awareness activitiesSupport audit preparation and certification activities, including ISO 27001 and SOC 2Privacy & Data Protection OperationsSupport GDPR compliance activities across the businessMaintain privacy records, registers, and supporting documentationCoordinate Data Protection Impact Assessments (DPIAs)Manage Data Subject Rights Requests and associated processesSupport processor due diligence and vendor privacy reviewsMaintain privacy notices, policies, and supporting documentationAssist with international data transfer assessments and documentationLegal Operations & Contract ManagementSupport the management of standard commercial agreements, including NDAs, DPAs, supplier agreements, and advisory contractsMaintain contract registers and renewal trackingManage template libraries and version controlAssist with legal due diligence activities relating to partnerships, procurement, and fundraising initiativesCoordinate document execution and filing processesGovernance & Policy ManagementDraft, maintain, and update internal policies and governance documentationCoordinate policy reviews and staff acknowledgementsSupport management reporting on compliance and risk mattersAct as a first point of contact for internal compliance-related queriesEscalate legal matters appropriately to the General CounselIdeal Candidate ProfileYou are likely to be a strong fit if you have:4–8 years' experience within privacy, compliance, legal operations, governance, regulatory affairs, or similar functionsStrong practical experience operating GDPR compliance processesExperience managing compliance programmes or compliance-related activitiesExperience supporting legal operations and contract administrationExcellent written communication and documentation skillsStrong organisational skills and attention to detailThe ability to work independently whilst exercising sound professional judgementPreferred ExperienceThe following would be advantageous:CIPP/E, CIPM, CIPT, or similar privacy/compliance certificationsExperience within SaaS, cybersecurity, fintech, or regulated technology environmentsExposure to ISO 27001 or SOC 2 programmesFamiliarity with NIS2, ePrivacy, AI Act, or related regulatory frameworksExperience using contract lifecycle management tools or legal operations platformsExperience supporting international privacy and compliance activitiesWhat Makes Someone Successful in This RoleOrganised & ProactiveYou are comfortable managing multiple priorities and ensuring important compliance activities remain on track.Commercially AwareYou understand how compliance supports business growth and can balance risk with pragmatism.Strong CommunicatorYou can translate complex regulatory concepts into practical guidance for non-specialists.Independent & AccountableYou are comfortable working remotely and taking ownership of your responsibilities.Detail-OrientedYou enjoy building structure, maintaining standards, and ensuring nothing falls through the cracks.Engagement StructureThis opportunity is structured as a flexible fractional engagement and is designed for professionals interested in contributing to the development and growth of an emerging technology business.Further details regarding the engagement structure will be discussed with shortlisted candidates.On OfferFlexible remote workingOpportunity to work alongside experienced legal, cybersecurity, technology, and commercial leadersSignificant ownership and responsibilityExposure to complex international privacy and compliance mattersOpportunity to contribute to the development of a growing technology platform
