The opportunity Based just outside of York, this is an exciting new opportunity to work for the UK's largest charity providing grants for families raising disabled or seriously ill children and young people. Last year, the charity provided 89,423 grants or services worth over £36 million to families across the UK. The Head of Audit and Compliance will be responsible for internal audit and compliance across the Group structure; providing assurance to senior management and trustees that there are efficient policies and procedures in place and that the organisation is complying with all regulatory requirements. They will also assist management in the mitigation of Group risk and act as the Group's Data Protection Officer, supported by external consultancy. They will be required to meet with the Chair of the Finance, Audit and Risk Committee and present to them annually. In addition they will act as Group Company Secretary, responsible for ensuring that the administrative responsibilities set out in company and charity law, and the articles of association are carried out. Reporting in to this role will be an Internal Audit Manager and a Data Protection and Compliance Officer. The role Key duties and responsibilities will include: Compliance Define and agree the scope of the work programmes for the monthly information governance audit work, oversee completion of the work and report findings to Management monthly. Attend and inform the quarterly information governance steering meetings and ensure that actions from the feeder forum meetings are completed as agreed, escalating to Directors as required. Ensure the annual information governance audit is completed, and all follow up actions completed, in conjunction with Directors. Act as the Group's Data Protection Officer, as defined in the General Data Protection Regulations. Maintain the Group Data Protection Policies and associated guidelines to ensure they reflect Data Protection legislation. Provide guidance on information governance and data protection. Internal Audit and Risk Oversee the completion of the internal audit work, reporting findings to Management and FARC quarterly, including recommendations, risk assessment and action plans. Present annually to the FARC. The person The successful candidate must have experience of: Operating at a senior level in a compliance/risk management environment Internal Audit oversight Compliance and risk management protocols Managing professional staff Complaint handling Expertise in national and European data protection law, including an in-depth knowledge of the GDPR Familiar with information technologies and data security Knowledge of company and charity law Ability to interpret financial information Excellent written and oral communication skills Possession of a recognised Data Protection qualification is also essential and any experience of investigating fraud would be advantageous. The benefits 25 days hols increases by 1 day every year to max of 30 Flexi time Free car parking space Pension contributions to 8% defined contribution.