Senior Risk and Compliance Officer

Why Airbox?

You're more likely to love your work when that work has a purpose, when it’s meaningful and when it’s protecting lives. At Airbox Systems, it will.

We value Commitment, Positive Realism, Ethics, Accountability, Humanity, Quality, and Delight. Our team includes individuals with military, aviation, and law‑enforcement backgrounds, giving us first‑hand insight into frontline operations to enable cutting‑edge concepts.

We are seeking a highly organised and driven Senior Risk & Compliance (R&C) Officer to support our Risk & Compliance function and play a pivotal role in ensuring the operational excellence of R&C within Airbox Systems. In this dynamic role you will ensure that Airbox Systems adheres to legal, regulatory and internal policies, supporting our business objectives while maintaining high standards, mitigating risk and upholding our commitment to robust R&C and Information Security practices.

• Accreditation Management: Accountability for developing and executing detailed plans to achieve and maintain key business accreditations, including all ISO certifications and Cyber Essentials. Ensure compliance with the latest industry standards and best practices.
• Identifying Additional Accreditations: Identify potential new and relevant accreditations to enhance the company’s standing in Risk & Compliance management, keeping Airbox at the forefront of industry best practices.
• Employee Support and Training: Provide expert advice and training to employees across the business, helping them understand and maintain required Risk & Compliance standards and best practice.
• Internal Audits & ISMS Management: Lead regular internal audits across all areas of the business to assess compliance, identify areas for improvement, and ensure the Information Security Management System (ISMS) remains current and aligned with evolving business needs.
• External
  
  Certifications:
  
  Manage the external certification process, ensuring the necessary documentation and evidence are prepared for auditors. Regularly report to senior management on certification progress and the effectiveness of the ISMS.
• Compliance Policy and Procedures: Develop, review and implement Airbox Systems R&C framework, policies and procedures in alignment with current regulations and industry standards.
• Company Policy and Procedure Register: Manage the company policy and procedure register and ensure that periodic reviews of company policies are completed and documented correctly.

• Risk Assessments: Conduct comprehensive risk assessments on live services and potential suppliers, ensuring alignment with the organisation’s risk management framework, policies and procedures.
• Risk Identification and Mitigation: Collaborate with department leads and stakeholders to identify potential risks and develop and implement effective risk management strategies and action plans.
• Risk Registers: Work closely with relevant stakeholders to ensure that departmental risk registers are aligned with the board‑level risk register.
• Risk Reporting: Compile and present detailed risk reports to senior management, highlighting risk profiles, mitigation actions, and strategic recommendations.
• Three Lines of Defense Framework: Oversee and coordinate the execution of the Three Lines of Defense risk management framework.
• Risk Management Awareness: Lead initiatives to raise awareness of risk management practices within the business, including delivering training sessions and workshops.
• Incident Response: Act as the primary point of contact for risk‑related incidents, leading the response efforts and managing mitigation strategies.

• Data Protection Impact Assessments (DPIAs): Complete DPIAs (internal and external).
• Record of Processing Activities (ROPA): Collaborate across the business to develop, manage and maintain Airbox Systems ROPA.

• Maintain and test BCDR plan: Review and update BCDR plan, including simulating disaster scenarios to ensure operational readiness.
• Risk assessments: Identify vulnerabilities within Business Impact Assessments (BIA) and create…