GRC Lead
Posted 2 days 3 hours ago by Street Group
Manchester (Hybrid, up to 4 days WFH)
£40k-£50k (negotiable)
Street Group is one of the fastest-growing PropTech companies in the UK. We want to be the leading creator of delightful experiences for everybody involved in buying, selling, renting and letting property, regardless of their involvement, to improve the industry for everybody by elevating UK Estate Agencies through world-class technology.
We're moving towards ISO certification for security, with SOC 2 and other standards likely to follow as we expand into new markets. Getting there - and staying there - takes dedicated documentation, tracking and governance, and that's where you come in. We're looking for a GRC Lead to own the frameworks, audits and evidence that prove we do what we say we do, working alongside our Security & Resilience Lead as we grow this function.
This is a genuinely flat, cross-functional role. You'll work directly with sales, marketing and engineering with no layers of hierarchy between you and the people who hold the information you need. You'll have real autonomy in how you run the audit programme.
Here's what you can expect to be working on as our GRC Lead- Work with teams across the business to produce business continuity plans in a standardised format.
- Support customer due diligence and KYC checks - particularly important in the payment space - and formalise this into a robust, business as usual process, alongside supporting contract reviews.
- Keep on top of the legal and regulatory landscape, translating incoming legislation into a clear playbook for teams well ahead of time.
- Own our data classification framework, privacy policies, information asset register and records of processing.
- Map how data flows through the business, risk assess critical processes as an independent party, and maintain the corporate risk register - standardising how risk, including impacts, are scored and reported to stakeholders.
- Keep our governance documentation, policies and knowledge repositories standardised, version controlled and free of duplication.
- Build and run an efficient annual internal audit programme across every part of the business, from sales to finance to physical security.
- Support FAQs, RFIs and marketing reviews with up to date evidence from your audits, and coordinate physical and environmental audits and annual service reviews.
- You'd rather enable good practice across a business than dictate it from an ivory tower - you know how to get buy in, not just compliance.
- You want breadth: you'll work with sales, marketing, engineering and finance, genuinely cross functional rather than siloed in one team.
- You want the autonomy to choose your own approach to audit and governance, as long as it's effective and efficient.
- You're comfortable holding people accountable - the worst thing you could do here is let something slide because it's easier than having a difficult conversation.
- You need everything mapped out for you - part of the role is choosing how you run your own audit programme.
- You're not open to new ideas and continual improvement.
- You're looking for a technical security role only - that's a different hire; this one is about governance, documentation and people.
- You'd rather work with one team than build relationships and trust across the whole business.
- Solid experience in Governance, Risk and Compliance, with knowledge of compliance frameworks such as ISO 27001.
- Comfortable working with data and information, with a good understanding of data privacy and information governance principles.
- A confident communicator who's trusted by the people they work with - you'll be sitting with sales, marketing and engineering just as often as with the security team, so relationships and trust matter as much as technical depth.
- Excellent attention to detail, with strong documentation and organisational skills - much of this role is about producing evidence, policies and reports that stand up to scrutiny.
- Calm under challenge - open to discussing new ways of working even about your own processes and systems.
- Hybrid working - you can work from home up to 4 days per week
- Guilt Free R&R - £1000 towards a holiday after your first year with the team (we'll even cover the tax!)
- Joining a culture that supports your development and encourages growth
- £500 yearly L&D budget for your career development
- Your birthday on us - we pay, you stay away
- Give something back - 2 paid days volunteering on us
- Enhanced maternity, paternity & adoption pay
- Mental health & well being support via Health Assured
- Regular well being initiatives
- Flexible working hours
- Public transport season ticket loans
- Paid menopause leave
- Holiday buying scheme
- Joining a new team in an exciting business with huge ambition
- Be a part of something bigger - everyone in our team is passionate about improving the entire property industry! It's a huge goal, but it motivates us to do better every single day
- A chance to work on cutting edge technology
- Comfortable, relaxed office space - office dogs welcome!
- Fully stocked fridge and beers (or an alternative) on us every Friday afternoon
- Company and team off sites, events and happy hours
- Cycle to work scheme
- Electric car salary sacrifice scheme
- Feel good about sustainability - we're a climate positive company!
£40k £50k, negotiable depending on your experience and scope. Please apply and let's have the conversation.
We care deeply about helping the tech industry become a more inclusive and diverse place and we work hard to lead by example. We are committed to Equal Employment Opportunity through attracting and retaining a complementary team of employees and building an inclusive environment for all. Candidates must be eligible to live and work in the UK and be able to perform the work specified.