Herspiegel

Compensation

Full Description

Description Job Title: Compliance Analyst Location: London, England Metro Area Reports To: Executive Vice President, Legal and Global Strategy Position Summary The Compliance Analyst will support the organization’s legal and compliance functions by ensuring adherence to global regulatory requirements, internal policies, and contractual obligations. This role focuses on contract review and analysis, data privacy compliance (GDPR and equivalents) and IT diligence frameworks to mitigate risk and maintain operational integrity across global markets. Key Responsibilities • Contract Review & Risk Management • Identify and mitigate legal and business risks in contracts, including liability limits, indemnities, termination rights, IP ownership, and confidentiality clauses. • Ensure contracts include appropriate compliance language for data privacy, anti-bribery, export controls, and ethical standards. • Compliance Assurance • Monitor and enforce compliance with global data protection and information-risk regulations (GDPR, UK GDPR, CCPA) and related internal control frameworks.. • Support implementation of Data Processing Agreements (DPAs) and Standard Contractual Clauses for international data transfers. • Maintain awareness of evolving regulatory requirements and update templates/playbooks accordingly. • Global IT Diligence & Governance • Assist in legal-led IT vendor due diligence, by reviewing and coordinating assessments of data protection, and compliance posture for third party suppliers. • Collaborate with IT and security teams to validate contractual obligations for cybersecurity, data residency, and breach notification processes. • Support audits and monitoring activities related to IT risk management and compliance certifications (e.g., ISO, SOC, etc.). • Track remediation commitments and contractual obligations arising from vendor risk reviews. • Policy & Process Development • Contribute to continuous improvement of compliance processes, including contract playbooks, clause libraries, and governance frameworks. • Maintain accurate records of executed agreements and compliance reviews in the contract management system. Requirements • Experience: • 2–4 years in compliance, legal operations, and/or IT and data privacy within a global organization. • Hands-on experience with GDPR compliance, data governance frameworks, and IT diligence processes. • Familiarity with contract lifecycle management tools and risk assessment methodologies. • Skills: • Strong understanding of international data privacy regulations and IT security principles. • Excellent drafting, negotiation, and analytical skills. • Ability to manage multiple priorities and collaborate across legal, IT, and business teams. • Certifications (Preferred): CIPP/E, CIPM, or ISO 27001 Lead Implementer or auditor, or equivalent compliance/Information-risk certification.