Head Of IT Legal & Regulatory Compliance

Job Title: Head Of IT Legal & Regulatory Compliance
Contract Type: Contract
Location: South East England, England
Salary: Negotiable
Start Date: ASAP
Reference: JN -052018-173289
Contact Name: Sarose Burnley
Contact Email:
Job Published: May 31, 2018 18:22

Job Description

A Head Of IT Legal and Regulatory Compliance is required for an URGENT contract requirement in the South East of England.

This role sits within the IT and digital security and risk part of the Global energy trading organisation.

All candidates MUST HAVE PCI DSS and Sarbanes Oxley (SOX) exposure with a Global sized organisation. Profiles without this will not be considered. If you do have this experience then please read on:

This is a new role due to the increasing volume of legal and regulatory requirements within cyber security and the wider IT environment.

Key accountabilities

• Management of IT&S compliance team.
• Set legal & regulatory compliance strategy, processes and tooling working closely with the Head of IT Governance &
• Influence Group wide cyber security policies, standards & best practices in line with compliance requirements.
• Drive SOX and PCI DSS compliance activity including planning, scoping, management assessment and liaison with
• Define and lead execution of activity required to allow BP to work towards compliance with new cyber security and privacy legislation globally.
• Lead and manage all IT external audit activity across the
• Lead Ethics & Compliance for IT&S in line with Group
• Produce high quality compliance deliverables for consumption by various Group-wide senior stakeholders. This includes IT&S Due Diligence reporting.
• Represent IT legal and regulatory matters at IT&S Governance forums as required.
• Manage senior stakeholders in IT&S and other Group Functions such as Group Control, Group Legal and Data
• Maintain IT compliance status and identify actions and owners required to address gaps.
• Monitor market trends and liaise with third parties including industry peers, vendors, governments and consulting firms to foster collaboration and leverage latest thinking.

Essential education

• Current security qualification (CISSP, CISM or equivalent e.g. Full membership of the IISP)
• Degree level qualification.

Essential experience and job requirements

• Experience of implementation and operation of legal and regulatory compliance services in a large, multinational
• Experience of managing security, compliance or audit teams.
• Security and IT compliance experience covering IT processes, cyber security, internal controls over financial reporting and PCI
• Experience of managing external audit relationships.
• Excellent written communication of technology, cyber security and business issues up to Board level in major corporations with clarity, focus and high impact.
• Experience of stakeholder management with government
• Ability to deal with and influence multi-cultural groups of stakeholders and to work group wide across functions and segments across reporting lines.
• Track record of building networks with other teams to enhance
• Directly and indirectly manage teams of permanent and contract staff.
• Excellent attention to detail

Desirable criteria &

• RSA Archer and/or SAP GRC experience
• Internal or External Audit experience

Rate: £900 - £1100 per day

Duration: 6 months

Start Date: Immediate