The AI-powered OS for beauty, wellness and self-care
About Fresha
Fresha allows consumers to discover, book and pay for beauty and wellness appointments with local businesses via its marketplace, while beauty and wellness businesses and professionals use an all-in-one platform to manage their entire operations with intuitive business software and financial technology solutions.
Fresha’s ecosystem gives merchants everything they need to run their business seamlessly by facilitating appointment bookings, point-of-sale, customer records management, marketing automation, loyalty, beauty products inventory and team management.
The consumer marketplace unlocks revenue potential for partner businesses by leveraging the power of online bookings and automated marketing through mobile apps and advanced integrations with major tech brands including Instagram, Facebook and Google.
About the role
Reports to: VP of Security, IT and Compliance
We're looking for someone to own compliance end-to-end at Fresha. We're already HIPAA and ISO27001 certified, we're heading into a PCI DSS audit shortly, and later this year we've got GDPR and SOC 2 Type II coming up. That's a lot of parallel work, and we need someone who can run it without constant hand-holding.
Today one person covers the day-to-day compliance operations. You'll take over that function, grow it, and broaden its scope into data protection, vendor risk, and policy. You won't be starting from scratch — there's a working Sprinto setup, an access review cadence, and a vulnerability management process — but you'll be expected to take it to the next level.
We expect the person in this role to run a modern, automated compliance function. The volume of work across five frameworks does not scale with headcount alone — it scales with good tooling, good automation, and sensible use of AI.
To foster a collaborative environment that thrives on face-to-face interactions and teamwork, this role will be based in our dog-friendly office 5 days per week in London: The Bower, 207-122, Old Street, London EC1V 9NR.
What you'll own
Audits and certifications
Run the PCI DSS audit to completion, then GDPR and SOC 2 Type II this year
Be the main point of contact for external auditors — scoping, evidence, walkthroughs, findings
Keep HIPAA and ISO 27001 in good shape between recertifications
Compliance operations
Quarterly access reviews across in-scope systems
Sprinto: make sure controls are covered, failures are triaged quickly, and evidence is current
Vulnerability management: track closure against agreed SLAs and chase what's drifting
Own the compliance risk register — keep it current, get it reviewed on a regular cadence, and make sure it actually informs decisions rather than just sitting there for auditors
Data protection
Handle Subject Access Requests and Data Access Requests end-to-end
Keep the GDPR ROPA accurate as systems, vendors, and data flows change
Own and enforce data retention — not just on paper, but actually in the systems
Vendor and third-party risk
Review new vendors before they're onboarded — security posture, data handling, DPAs
Reassess critical and high-risk vendors on a regular cycle
Keep the vendor inventory, DPAs, and sub-processor lists tidy and audit-ready
Policy and awareness
Write new policies and update existing ones as our environment, regulations, and business change
Make sure policies are usable, understood, and actually followed — not shelfware
Own the compliance and privacy training programme: annual training, role-specific training for engineers handling PHI or cardholder data, and whatever else our frameworks demand
Automation and AI
Look at every recurring task in this role and ask "why is a human still doing this?" — evidence collection, control testing, access review workflows, vendor questionnaire triage, SAR data discovery, policy drafting, ROPA upkeep
Push Sprinto and our adjacent tooling as far as they'll go, and fill the gaps with scripts, workflows, or AI where it makes sense
Use LLMs sensibly for drafting, review, and first-pass analysis — but know where a human still has to sign off, especially anything that goes to a regulator or an auditor
Treat the function's operating model as a product: fewer manual rituals each quarter, not more
What we're looking for
You've led compliance through at least a couple of these frameworks (PCI DSS, SOC 2, ISO27001, HIPAA, GDPR). You don't need all of them, but PCI DSS and GDPR experience would be very valuable right now
You've dealt directly with auditors and you're comfortable pushing back when scoping or findings are off
You're hands-on. This is not a role where you delegate everything and review slides — you'll be in Sprinto, in tickets, in policy drafts, and in vendor reviews
You're fluent with AI tools and comfortable building automation — whether that's Sprinto workflows, scripting against APIs, using LLMs to cut down manual work, or knowing when to bring in an engineer to build something properly. You don't need to be a developer, but "I'll wait for someone to build it for me" isn't the right mindset
You can translate between engineers and auditors without frustrating either side
Bonus: experience with GRC tooling beyond Sprinto, DPO or DPO-adjacent work, payments regulatory exposure, or a track record of measurably reducing manual compliance work through automation
How you'll work
You'll have one direct report from day one, and the remainder to grow the function as the workload justifies. You'll work closely with Security, IT, Legal, Engineering and People.
Expect to spend real time with auditors during audit windows and real time with engineering and vendor teams the rest of the year.
Interview Process
Screen Stage - Video-call with a member from the Talent Team (45-60min)
1st Stage - Interview with the VP of Security, IT & Compliance (60min)
Final Stage - Video interview with CTO (60min) and Head of Talent (30min)
We aim to finalise the entire interview process and deliver feedback within 4 weeks.
Every job application received is reviewed manually by our talent team. While we strive to assess applications within 7 days, the sheer volume of talented individuals expressing interest may occasionally extend this timeframe.
Inclusive workforce
At Fresha, we are creating a culture where individuals of all backgrounds feel comfortable.
We want all Fresha people to feel included and truly empowered to contribute fully to our vision and goals. Everyone who applies will receive fair consideration for employment.
We do not discriminate based on race, colour, religion, sex, sexual orientation, age, marital status, gender identity, national origin, disability, or any other applicable legally protected characteristics in the location in which the candidate is applying.
If you have any accessibility requirements that would make you more comfortable during the interview process and/or once you join, please let us know so that we can support you.
