Operational Compliance Specialist

Posted 8 Days Ago
Be an Early Applicant
Hiring Remotely in United Kingdom
Remote
Mid level
Agency • HR Tech • On-Demand • Professional Services
The Role
Support Certn's privacy and EMEA compliance by translating legal requirements into operational processes: manage subprocessors, data retention, DSAR intake, EMEA reporting, client communications, audits, and collaborate with Operations to maintain compliance workflows.
Summary Generated by Built In
About Certn

At Certn, we’re changing how trust works with The World’s Easiest Background Check. We’ve raised $127M+, earned Deloitte Fast 50 recognition three years in a row, and we’re still only scratching the surface.

Our goal is straightforward: help people move faster - into jobs, homes, and opportunities - by simplifying the path to trust. We’re not a traditional background screening company.

We’re a team of curious, collaborative builders who care about solving real problems for real people. We challenge each other, move fast, and have fun doing it.

If you want to grow, make an impact, and help shape products used by millions, this is your place. Let’s build what’s next, together.

 
About the Role

Reporting directly to Senior Counsel of Privacy, the Operational Compliance Specialist will play a key part in Certn’s privacy and EMEA compliance programs, by translating legal and regulatory requirements into reliable, repeatable operational processes. This role will focus on managing subprocessor compliance, data retention, client privacy communications, EMEA reporting obligations, and technical compliance. You will serve as a critical partner across the business, ensuring privacy-related processes are effectively implemented, maintained, and aligned with evolving regulatory requirements.

 
Key Responsibilities

Technical Privacy Compliance

  • Maintain the subprocessor register; manage the end-to-end process for reviewing, onboarding, and notifying clients of subprocessor changes in line with contractual and regulatory obligations.

  • Administer data retention schedules - tracking retention periods by data category and jurisdiction, coordinating deletion and archiving activities, and maintaining supporting documentation.

  • Support access control compliance, including maintaining records of data access permissions and assisting with periodic access reviews.

  • Own the end-to-end Data Subject Access Request (DSAR) intake process ensuring accurate request tracking, seamless coordination across internal stakeholders, and timely fulfillment in compliance with regulatory requirements and response deadlines.

  • Support the privacy office in monitoring and testing activities and audits, notably by ensuring proper documentation and tracking of the controls and related findings.

  • Ensure that compliance documentation remains up-to-date and support the management and handling of any relevant registries of processing activities and risks assessments.

Client Privacy Communications

  • Act as a first point of contact for client and applicant compliance queries relating to privacy and EMEA regulatory matters, triaging straightforward requests independently and escalating complex or legally sensitive issues to Senior Counsel as appropriate.

  • Prepare and issue subprocessor update notices and other privacy-related client communications.

  • Maintain client-specific compliance records relating to data processing agreements and privacy obligations.

EMEA Regulatory Operations

  • Track EMEA jurisdiction-specific reporting requirements and filing deadlines; coordinate preparation in support of the Senior Counsel, Privacy and Senior Compliance Officer.

  • Maintain the EMEA compliance calendar and assist with regulatory correspondence.

  • Support credentialing and onboarding/offboarding compliance processes for EMEA clients and vendors.

  • Apply a working knowledge of regulated criminal-record screening across the UK disclosure regimes (DBS, Disclosure Scotland, and AccessNI), including the distinct check levels available under each and the eligibility rules that govern which level a given role qualifies for.

  • Understand Certn's obligations when acting as, or supporting clients who rely on, a registered body, umbrella body, or responsible organisation, including the duty to confirm role eligibility, verify applicant identity, and handle disclosure results in line with each agency's code of practice.

  • Audit screening files for eligibility accuracy and procedural compliance, and prepare first-line responses to client and regulator inquiries about how a check was scoped, processed, and stored, escalating substantive legal questions to the Senior Counsel, Privacy and Senior Compliance Officer.

  • Apply the data-protection rules that sit alongside the disclosure regimes, including the handling, retention, and secure destruction of criminal-record data as criminal offence data under UK GDPR and the Data Protection Act 2018.

Operational Collaboration

  • Maintain process documentation for privacy and EMEA compliance workflows

  • Act as a liaison to Operations for privacy-adjacent process design and workflow improvements

  • Triage and manage Jira tickets relating to privacy and EMEA compliance matters

 
Key Qualifications
  • Post-secondary education in a related field or an equivalent combination of education and professional experience.

  • Practical working knowledge of GDPR and data subject rights processes, including experience engaging with regulatory or quasi-governmental bodies such as the ICO, a privacy commissioner, or equivalent authority.

  • Highly organized with exceptional attention to detail and the ability to manage multiple priorities, deadlines, and regulatory requirements across different jurisdictions.

  • Excellent written and verbal communication skills.

  • Ability to maintain discretion and confidentiality at all times.

  • Comfortable working across compliance, operations, and client-facing functions

  • Professional privacy certification through the International Association of Privacy Professionals (IAPP), such as CIPT or CIPP/E, is considered a strong asset.

  • Comfortable using AI tools (e.g., Claude) to support day-to-day tasks such as drafting communications, summarising regulatory guidance, and improving workflow efficiency

If you meet most, but not all, of the qualifications listed above, we still encourage you to apply. We recognize that strong candidates come from a wide range of backgrounds and experiences, and we value the diversity of perspectives that brings.

Our Culture

Certn is a remote-first company with a high-performance edge. We value hustle, hunger, and helping each other win - but we also have a strict no-jerk policy. Ambition here is about lifting people up, not stepping on toes.

  • We think like owners and execute with urgency.

  • We’re customer-obsessed and always learning.

  • We give real feedback and hold each other to high standards.

AI in Our Culture

We’re AI enthusiasts. From Ops to Legal, Product to People & Culture, we use AI to move faster, make smarter decisions, and build better experiences.

We believe in using AI intentionally - ethically, creatively, and always in service of delivering more for our customers and each other. Don’t worry if you’re not an expert; curiosity and a willingness to learn matter most.

What’s in it for you?
  • 20 days of annual leave to start, plus up to 3 additional Performance Days

  • Company-paid benefits

  • Remote-friendly and supportive flexible remote arrangements

  • Work-from-home allowance

  • Professional development budget

  • And a few more goodies!

Come As You Are

We’re committed to building a workplace that’s diverse, inclusive, and empowering for all. If you need accommodations to support any special needs at any stage of the recruitment process, just let us know - we’ve got you.

 
One Last Thing…

Just so you know, the selected candidate will be required to complete a background check. This means you will get to see first hand what we do, and trust us, we do it REALLY well!

 
How We Hire

We use AI tools to support our recruitment process, including helping us organize applications and identify early matches based on role criteria. That said, every rejection decision is made by a human. We encourage candidates to apply authentically and avoid relying solely on AI-generated responses, especially during interviews.

 

This posting is for a current, open position within Certn.

 

This opportunity is offered through HighlightTA, the on-demand talent team supporting Certn’s growth.

 

Connect with us and learn more:
Certn on LinkedIn

HighlightTA on LinkedIn

Skills Required

  • Post-secondary education in a related field or equivalent combination of education and professional experience.
  • Practical working knowledge of GDPR and data subject rights processes, including engagement with regulators (e.g., ICO).
  • Working knowledge of UK disclosure regimes (DBS, Disclosure Scotland, AccessNI) and associated eligibility rules.
  • Highly organized with strong attention to detail and ability to manage multiple priorities and regulatory requirements across jurisdictions.
  • Excellent written and verbal communication skills.
  • Ability to maintain discretion and confidentiality at all times.
  • Comfortable working across compliance, operations, and client-facing functions.
  • Comfortable using AI tools (e.g., Claude) to support drafting, summarizing, and workflow tasks.
  • Professional privacy certification through IAPP (CIPT or CIPP/E) is a strong asset.
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
10 Employees
Year Founded: 2024

What We Do

HighlightTA is an on-demand talent team that simplifies hiring by embedding talent partners into client organizations, managing recruitment functions, and offering flexible solutions for startups and scaleups.

Similar Jobs

Pfizer Logo Pfizer

Senior Director, Internal Medicine Portfolio Strategy Lead

Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
In-Office or Remote
10 Locations
121990 Employees
215K-358K Annually

Pfizer Logo Pfizer

Director, Portfolio Strategy Inflammation & Immunology

Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
In-Office or Remote
10 Locations
121990 Employees
177K-294K Annually

Mondelēz International Logo Mondelēz International

Change Manager o9 MEU, Demand Planning

Big Data • Food • Hardware • Machine Learning • Retail • Automation • Manufacturing
Remote or Hybrid
9 Locations
90000 Employees

ServiceNow Logo ServiceNow

Consultant

Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Remote or Hybrid
Staines, Surrey, England, GBR
29000 Employees

Similar Companies Hiring

Quantum Rise Thumbnail
Software • Professional Services • Natural Language Processing • Machine Learning • Consulting • Automation • Artificial Intelligence
Chicago, Illinois
20 Employees
Empathy Thumbnail
Fintech • Healthtech • HR Tech • Information Technology • Financial Services • Telehealth
IL
200 Employees
Compa Thumbnail
Artificial Intelligence • HR Tech • Software • Business Intelligence
Irvine, California
75 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account