Head of Risk

Adapro Talent Partners are delighted to be exclusively partnering with a large Milton Keynes based, multi-site retail organisation who are looking to recruit a Head of Risk, on a permanent basis. The Head of Risk is responsible for leading the organisations enterprise risk, business assurance, insurance and data protection frameworks. This role ensures robust governance, effective internal controls, and compliance with regulatory requirements, while safeguarding the organisation's assets, reputation and data. The Head of Risk will act as the primary liaison with Group Internal Audit, ensuring a strong control environment and protecting the organisation's assets, data and reputation. In capacity as formal Data Protection Officer, the role ensures effective oversight of data protection, privacy and information governance and operates with appropriate independence with an indirect reporting line to the Group DPO on data protection matters. Key Responsibilities: Risk Management & Governance - Oversee the enterprise-wide risk management framework - Maintain and continuously improve the Risk and Control Matrix (RACM) across all business areas - Facilitate risk identification, assessment, and mitigation processes with senior stakeholders - Provide regular risk reporting to the Senior Leadership Team - Embed a strong risk-aware culture throughout the organisation Audit & Business Assurance - Act as the primary contact for Group Internal Audit, coordinating audit planning, execution, and follow-up. - Manage internal audit responses, ensuring timely and effective remediation of findings. - Conduct periodic reviews of high-risk areas and key controls. Financial Controls & Compliance - Ensure robust financial control processes are in place, documented, and operating effectively. - Support the finance function in maintaining compliance with relevant accounting standards and internal policies. - Lead periodic reviews to drive continuous improvement in control effectiveness. - Oversee controls related to fraud prevention and detection. - Management of cash collection and processing contract Data Protection & Privacy - Act as the appointed Data Protection Officer under UK GDPR - Direct the organisation's data protection strategy and compliance framework - Advise stakeholders on data protection obligations, risks and mitigations - Ensure effective management of data subject rights requests (DSARs), data breaches and DPIAs - Maintain key documentation (ROPA, policies, retention schedules) - Act as primary contact for the ICO - Promote a strong data protection culture Insurance & Risk Transfer - Oversee the organisation's insurance programme, ensuring appropriate coverage and value for money. - Manage relationships with brokers and insurers. - Lead claims management and ensure lessons learned are embedded into risk management processes. Policy, Controls & Continuous Improvement - Develop, maintain, and enforce risk, audit, and compliance policies. - Drive continuous improvement in governance, risk, and control processes. - Leverage data and analytics to enhance risk insights and monitoring. Qualifications, knowledge, and experience - Significant experience in risk, audit or internal controls - Experience with DPO or privacy frameworks - Sound knowledge of UK GDPR and risk frameworks - Professional qualification (ACA/ACCA/CIA/CISA or equivalent) - Data protection qualification desirable - Strong stakeholder management skills - Ability to work in a fast-paced environment - Excellent planning, organisational and time management - Excellent verbal, written communication and presentation skills - Line management experience Our Client is offering a basic salary of £90,000 - £95,000 + Car + Bonus + Benefits