About the role
Location: Remote (UK-based)
Duration: 6-month contract
Day Rate: Depending on experience
We’re working with a cutting-edge fintech client looking to bring on a hands-on Compliance Analyst to help ensure their insurance-based investment platform meets all applicable regulatory, data protection, and cybersecurity standards. This is a pivotal role where you’ll balance operational execution with strategic oversight, helping shape a robust compliance foundation in a regulated, technology-driven environment.
This is ideal for someone with strong attention to detail and regulatory awareness who thrives in a fast-paced setting and can confidently work across both business and technical teams.
What you’ll be doing:
Coordinating compliance activity across IT, Security, Legal and Operations teams
Developing and maintaining internal policies, SOPs and compliance documentation
Supporting audit readiness and external certifications (e.g. SOC 2, ISO 27001, GDPR DPIAs)
Monitoring data protection controls including access reviews, breach response and subject access requests
Managing a compliance risk register and working with stakeholders to resolve control gaps
Assisting with vendor due diligence (reviewing DPAs, SOC 2 reports, security documentation)
Supporting secure-by-design reviews across architecture, data flows and product planning
Tracking regulatory developments and advising on emerging compliance risks
For this role you should have:
3+ years’ experience in a compliance, risk or GRC role within fintech, insurance or other regulated technology environments
Practical understanding of frameworks such as FCA, GDPR, ISO 27001, SOC 2
Familiarity with security principles like access control, encryption, logging, and incident response
Experience using GRC tools such as Vanta, Drata, OneTrust or similar platforms
Excellent documentation and stakeholder communication skills
Ability to collaborate cross-functionally with technical and non-technical teams
Nice to have:
Experience working in an early-stage or scale-up fintech/insurtech company
Exposure to cloud environments, SaaS tools, or IAM systems
Experience responding to auditor or regulator inquiries
Familiarity with international frameworks such as DORA, UK DPA, or CCPA
This is a unique opportunity to step into a high-trust, high-impact compliance role where your contributions shape how compliance is embedded into a growing fintech platform from day one. You'll be joining a small, collaborative team in an environment that values rigour, clarity, and proactive risk management.
NRG is an equal opportunities employer committed to promoting a diverse and inclusive workplace. We oppose all forms of unlawful or unfair discrimination on the grounds of any protected characteristic. Our aim is to create an environment that encourages diversity, builds on individual differences, and responds equitably to the needs of all. We proactively take steps to fulfil our legal obligations, remove barriers, monitor for fairness, reflect the communities we serve, and enforce a zero-tolerance policy for breaches of our Equality and Diversity policy.