About the role

Location: Remote (UK-based)

Duration: 6-month contract

Day Rate: Depending on experience

About the role

We’re working with a cutting-edge fintech client looking to bring on a hands-on Compliance Analyst to help ensure their insurance-based investment platform meets all applicable regulatory, data protection, and cybersecurity standards. This is a pivotal role where you’ll balance operational execution with strategic oversight, helping shape a robust compliance foundation in a regulated, technology-driven environment.

This is ideal for someone with strong attention to detail and regulatory awareness who thrives in a fast-paced setting and can confidently work across both business and technical teams. 

What you’ll be doing:

• Coordinating compliance activity across IT, Security, Legal and Operations teams

• Developing and maintaining internal policies, SOPs and compliance documentation

• Supporting audit readiness and external certifications (e.g. SOC 2, ISO 27001, GDPR DPIAs)

• Monitoring data protection controls including access reviews, breach response and subject access requests

• Managing a compliance risk register and working with stakeholders to resolve control gaps

• Assisting with vendor due diligence (reviewing DPAs, SOC 2 reports, security documentation)

• Supporting secure-by-design reviews across architecture, data flows and product planning

• Tracking regulatory developments and advising on emerging compliance risks

For this role you should have:

• 3+ years’ experience in a compliance, risk or GRC role within fintech, insurance or other regulated technology environments

• Practical understanding of frameworks such as FCA, GDPR, ISO 27001, SOC 2

• Familiarity with security principles like access control, encryption, logging, and incident response

• Experience using GRC tools such as Vanta, Drata, OneTrust or similar platforms

• Excellent documentation and stakeholder communication skills

• Ability to collaborate cross-functionally with technical and non-technical teams

Nice to have:

• Experience working in an early-stage or scale-up fintech/insurtech company

• Exposure to cloud environments, SaaS tools, or IAM systems

• Experience responding to auditor or regulator inquiries

• Familiarity with international frameworks such as DORA, UK DPA, or CCPA

This is a unique opportunity to step into a high-trust, high-impact compliance role where your contributions shape how compliance is embedded into a growing fintech platform from day one. You'll be joining a small, collaborative team in an environment that values rigour, clarity, and proactive risk management.

NRG is an equal opportunities employer committed to promoting a diverse and inclusive workplace. We oppose all forms of unlawful or unfair discrimination on the grounds of any protected characteristic. Our aim is to create an environment that encourages diversity, builds on individual differences, and responds equitably to the needs of all. We proactively take steps to fulfil our legal obligations, remove barriers, monitor for fairness, reflect the communities we serve, and enforce a zero-tolerance policy for breaches of our Equality and Diversity policy.