Head of Compliance

Arqit is a global pioneer in post-quantum cryptography: we provide a proven defence against both current cyber dangers and impending quantum threats. Our global team describe Arqit as providing a positive, inclusive and high-performing working environment, where employees feel that managers care about the success and well-being of their teams, individuals feel valued as employees and teams achieve more than they thought possible, together.

We have brought together a world-leading team of pioneers in engineering and cryptography, and we now have an opportunity for a Head of Compliance to lead our compliance function. As a key member of the Operations team, you will ensure our company adheres to regulatory standards, industry best practices, and internal policies. This includes overseeing our SOX controls, ISO27001 certification, risk management framework, GDPR compliance, export controls, and internal auditing processes. You will play a crucial role in maintaining the integrity of our operations as we continue to grow and expand globally.

You will join our talented team, located conveniently close to Westminster, St James Park and Victoria stations, with considerable flexibility around working from home. As part of a dynamic, innovative team, you will make a significant impact by shaping and enhancing our compliance landscape. If you're passionate about compliance, risk management, and data protection, and want to contribute to a forward-thinking cybersecurity company, we'd love to hear from you!

What you will be doing

• ISO27001 Compliance & Internal Auditing:




• Lead and maintain ISO27001 certification, including internal audits, risk assessments, and continuous improvement initiatives


• Conduct regular internal audits, identify areas for improvement, and implement corrective actions




• Risk Management:




• Develop, implement, and manage the company's risk management framework


• Identify, assess, and mitigate compliance risks across all business functions


• Collaborate with leadership to align risk management practices with company objectives




• Data Protection & GDPR:




• Support the company's compliance with GDPR and other data privacy regulations


• Conduct data protection impact assessments (DPIAs) and ensure privacy by design and default across products and services




• Export Control:




• Work with the Legal department and VP Operations to create and maintain an effective framework to monitor compliance with export licenses


• Develop a robust system to maintain evidentiary documents and policies to support regulatory audits


• Work with Operations, Legal and Finance to create an effective program for KYC/B screening




• Regulatory Compliance & Governance:




• Work with relevant departments to ensure regular review and maintenance of company policies, procedures and training to ensure adherence to legal and regulatory requirements


• Prepare and present reports as necessary to senior management, the Board or Audit Committee




• SOX:

• Work with the Group Financial Controller to support the company’s compliance with SOX.


• Leading annual SOX risk assessments.


• Perform testing of the SOX controls on a quarterly and annual basis.

What we’re looking for

• Proven experience in a senior compliance role, ideally within a software, cybersecurity, or technology company


• In-depth knowledge of ISO27001, GDPR, SOX


• Experience conducting internal audits and managing risk frameworks


• Some knowledge and/or experience of export control regulations and licensing requirements, specifically as they may relate to cryptography or information security systems


• Strong understanding of UK, EU, US, and international regulatory environments as they apply to the business


• Exceptional communication and stakeholder management skills


• Relevant certifications such as CISM, CISSP, ISO27001 Lead Auditor/Implementer, or similar are highly desirable


• Ability to work independently while collaborating across departments

Please note, the ability to work in the UK without restrictions is ESSENTIAL; there may also be a need for UK security clearance in future