Moonshot believes that marginalized people in society - including minority ethnic people, people from working class backgrounds, women, Disabled and LGBTQIA+ people - must be centered in the work we do. We strongly encourage applications from people with these identities or who are members of other communities who are currently underrepresented in our workforce. We know a diverse workforce will enable us to understand drivers behind violent extremism and online harms in an in-depth way and do better work to counter them.
About The Role
Moonshot is seeking a Compliance Manager to lead this pivotal part of our business. Data management is critical to everything we do and we are looking for someone who will build on this foundation, particularly as we open offices in other geographies. The role is also designed to strengthen our wider compliance function and oversee the group's contractual environment.
The successful candidate will audit our current policies and processes with regard to compliance, particularly in relation to GDPR standards, and identify new policies and procedures that should be implemented. They will ensure our team understands what is expected of them and increase awareness of data protection measures. This role reports into the Director of Operations, and is supported by two members of project teams who play DPO roles supporting project teams to ensure data compliance.
Responsibilities will include
Lead Data Protection Officer
- Being the focal point for Information Security and acting as a key contact and escalation point;
- Acting as the Data Protection Officer to ensure that information legal requirements are met including GDPR compliance;
- Overseeing data protection compliance audits; undertake data mapping and gap analysis;
- Specifying and monitoring the implementation of robust security controls that support business efficiency and effectiveness;
- Ensure all key records are developed, including supporting the development of DPIAs for all projects, and maintaining ROPAs;
- Lead on the development of data protection policies and processes for the storage and deletion of data;
- Identify data legislation requirements in jurisdictions outside of the UK that Moonshot is required to comply with;
- Keep abreast of regulatory developments within or outside of the company as well as evolving best practices in compliance control;
- Review the work of colleagues when necessary to identify compliance issues;
- Respond to subject access requests;
- Lead on data compliance training for the team and act as a single point of contact for team enquiries;
- Review suppliers to ensure GDPR compliance.
Support the development of our data ethics
- Review and advise on contracts for work Moonshot will deliver;
- Review contracts with suppliers;
- Referral and liaising with external legal services on complex contracts;
- Maintain records of signed Non-Disclosure Agreements and other agreements.
Ensure The Maintenance Of Company Certifications
- Identifying relevant legislation, and working with the ethics team to articulate Moonshot's approach and justification;
- Support company audits, including ISO reviews, and reviews for other accreditations (e.g. US office).
- Lead internal and external audits and reviews (including ISO 9001, ISO 27001 and other international certifications).
- Solid IT or similarly relevant experience including information security and risk management;
- In-depth knowledge of regulatory compliance and frameworks, especially GDPR;
- Excellent knowledge of reporting procedures and record keeping;
- Experience in contract reviews and contractual law;
- An analytical mind able to "see" the complexities of procedures and regulations;
- Strong interpersonal skills necessary to collaborate and influence at all levels;
- Ethical, with the ability to remain impartial and report all noncompliances;
- Strong oral and written communication skills including the ability to communicate complex problems in a simple and concise way;
- Demonstrable ability to work under pressure, taking action and getting things done, both in managing your own workload and that of others.
- Experience with a growing organisation, setting up in new geographies, and managing compliance framework across locations;
- Experience with US and/or UK government contracting requirements, or other government procurement processes;
- Certified compliance professional is a plus.
- Individually tailored training and skills development package.
- 30 days (pro rata) paid annual leave.
- Private healthcare package, including coverage for partners and children.
- Employee Assistance Programme providing access to mental health support.
- Generous maternity and paternity package.