
Head of Risk & Compliance

United States, New York · Job Posted May 04, 2026

Job Description

Our client is a major law firm looking for a senior-level consultant to act as Head of Risk & Compliance. This role has the potential to convert to a permanent role, and it is onsite 3 days a week at our client's office in Midtown Manhattan, New Haven, or Greenwich.

Job Responsibility

  • Strategic Leadership: Direct the US-based risk and compliance function, aligning regional strategies with global standards and overseeing the performance of a dedicated departmental team
  • Operational Governance: Manage the full lifecycle of new business intake (NBI), including complex conflicts resolution, ethical screens, and the negotiation of engagement terms or waivers
  • Regulatory & Policy Oversight: Lead horizon scanning to identify emerging legal trends, drafting and updating internal policies to ensure the firm remains compliant with state and federal legislation
  • Financial & Professional Integrity: Coordinate with AML, Sanctions, and Professional Indemnity managers to mitigate financial crime risks and support the management of professional liability claims
  • Cross-Functional Collaboration: Serve as a key advisor to executive leadership (Finance, HR, and Counsel) on sensitive regulatory matters, professional ethics, and high-risk decision-making
  • Risk Mitigation for Growth: Provide structured risk assessments for major firm initiatives, such as lateral partner hiring, new office launches, and high-stakes client matters
  • Training & Quality Assurance: Design and deliver comprehensive training programs for attorneys and staff regarding confidentiality, information handling, and ethical obligations
  • Data & Reporting: Maintain critical risk registers and deliver high-level reporting to the Partnership Board, ensuring transparency on departmental performance and risk exposure

Requirements

  • Juris Doctor required, along with active U.S. Bar admission in good standing
  • At least 6–8 years of experience in law firm risk management, ethics, conflicts, responsibility-related matters, or a General Counsel's office
  • Prior people leadership experience with the ability to manage teams and influence senior stakeholders effectively
  • Strong background in risk analysis, due diligence, and development of practical risk management strategies
  • Knowledge of anti-money laundering principles, regulatory compliance, and governance practices relevant to legal environments
  • Demonstrated ability to handle conflicts reviews, ethical issues, and other complex matters requiring sound judgment
  • Familiarity with law firm conflicts and intake technology, including platforms such as Intapp, is strongly preferred

Nice to have

Familiarity with law firm conflicts and intake technology, including platforms such as Intapp, is strongly preferred

What we offer

  • medical, vision, dental, and life and disability insurance
  • enrollment in company 401(k) plan


Similar Jobs for Head of Risk & Compliance

8 matching positions

Head of Risk & Compliance

Our client is a major law firm looking for a senior level consultant to act as H...
Location: United States, New York, New Haven, Greenwich
Salary: Not provided
Robert Half (https://www.roberthalf.com)
Expiration Date: Until further notice
Requirements
  • Juris Doctor required, along with active U.S. Bar admission in good standing
  • At least 6–8 years of experience in law firm risk management, ethics, conflicts, responsibility-related matters, or a General Counsel's office
  • Prior people leadership experience with the ability to manage teams and influence senior stakeholders effectively
  • Strong background in risk analysis, due diligence, and development of practical risk management strategies
  • Knowledge of anti-money laundering principles, regulatory compliance, and governance practices relevant to legal environments
  • Demonstrated ability to handle conflicts reviews, ethical issues, and other complex matters requiring sound judgment
  • Familiarity with law firm conflicts and intake technology, including platforms such as Intapp, is strongly preferred
Job Responsibility
  • Strategic Leadership: Direct the US-based risk and compliance function, aligning regional strategies with global standards and overseeing the performance of a dedicated departmental team
  • Operational Governance: Manage the full lifecycle of new business intake (NBI), including complex conflicts resolution, ethical screens, and the negotiation of engagement terms or waivers
  • Regulatory & Policy Oversight: Lead 'horizon scanning' to identify emerging legal trends, drafting and updating internal policies to ensure the firm remains compliant with state and federal legislation
  • Financial & Professional Integrity: Coordinate with AML, Sanctions, and Professional Indemnity managers to mitigate financial crime risks and support the management of professional liability claims
  • Cross-Functional Collaboration: Serve as a key advisor to executive leadership (Finance, HR, and Counsel) on sensitive regulatory matters, professional ethics, and high-risk decision-making
  • Risk Mitigation for Growth: Provide structured risk assessments for major firm initiatives, such as lateral partner hiring, new office launches, and high-stakes client matters
  • Training & Quality Assurance: Design and deliver comprehensive training programs for attorneys and staff regarding confidentiality, information handling, and ethical obligations
  • Data & Reporting: Maintain critical risk registers and deliver high-level reporting to the Partnership Board, ensuring transparency on departmental performance and risk exposure
What we offer
  • medical, vision, dental, and life and disability insurance
  • enrollment in company 401(k) plan
  • Fulltime

Head of Risk & Compliance

Giacom is looking for a Head of Risk & Compliance who will take the lead in deve...
Location: United Kingdom, Nelson
Salary: Not provided
Giacom (giacom.com)
Expiration Date: Until further notice
Requirements
  • Demonstrable prior experience in risk management, ideally in a regulated sector (Telecoms, Utilities, etc.)
  • Proven experience designing and leading an effective ERM and compliance framework in a medium/large organisation
  • Understanding of Health & Safety obligations and the ability to embed effective, risk‑based Health & Safety practices across the organisation
  • Able to translate complex risk‑management concepts into clear, accessible insights for colleagues, investors, and non‑executive Board members, and be recognised as a subject matter expert
  • Ability to build strong relationships and secure buy‑in across the business
  • Deep experience conducting risk assessments across strategic, operational, financial and compliance risks
  • Skilled in developing KRIs, assessing controls, and producing high‑quality management and Board reporting
  • A highly organised, structured, and proactive approach to managing a varied and demanding workload
Job Responsibility
  • Lead the Group’s risk management strategy, setting the framework that enables smart, proportionate, business‑friendly risk management
  • Partner with the Executive and senior leadership team to embed a strong, practical risk culture that supports growth and accountability
  • Own all risk reporting to the Board and Executive Committee, ensuring clarity, quality, and strategic insight
  • Facilitate the identification, assessment, and management of risks within our agreed appetite, ensuring mitigation where required
  • Lead on information security governance, ISO27001 compliance, data protection, business continuity, insurance, supplier compliance, and health & safety
  • Provide a strong second line monitoring and assurance function
  • Lead our legal and regulatory compliance programme, including Ofcom, TMBS and global communications regulations
  • Oversee incident reporting, breach investigations, root cause analysis, and regulator engagement
  • Develop, coach, and inspire the Risk & Compliance team leveraging in‑house specialists and external experts (including smart use of AI‑based tools)
  • Manage the Risk & Assurance Committee and Compliance Committee secretariat
What we offer
  • Competitive package including car allowance and discretionary bonus
  • Flexible working
  • Investment in your future career with a variety of learning and development opportunities
  • No dress code - embrace the freedom to bring your whole self to work
  • 25 days annual leave, plus bank holidays. You'll even get your birthday off, too!
  • A pension plan for your future
  • Complimentary refreshments in all our offices
  • Fulltime

Operational Risk Head of Data Risk Center of Excellence

The Head of Data Risk Center of Excellence will lead risk assessment efforts for...
Location: United States, Tampa
Salary: 250000.00 - 500000.00 USD / Year
Citi (https://www.citi.com/)
Expiration Date: Until further notice
Requirements
  • 20+ years of direct experience as a senior Non-Financial Risk professional
  • extensive experience in overseeing global data programs in a large-scale organization
  • extensive experience applying operational risk management frameworks
  • experience in leading teams to deliver risk and control assessments
  • demonstrable understanding of Data fundamentals, including architecture and principles
  • deep knowledge of financial and risk data, regulatory compliance, and risk management
  • subject matter expertise in operational risk management applied to Data risk
  • bachelor's degree in Computer Science, Data Science, Information Technology, Business, or a related field preferred.
Job Responsibility
  • Ensure Enterprise Control Standard requirements are articulated and implemented
  • embed Data Risk Management practices in day-to-day business and strategic decision-making
  • oversee compliance against ORM frameworks and Enterprise Data transformation
  • lead Data Risk SWAT teams in independent risk assessments
  • operate shared services function supporting business risk management
  • serve as the primary interface to stakeholders like regulators and senior management.
What we offer
  • Medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • planned time off
  • unplanned time off
  • paid holidays.
  • Fulltime

Head of Compliance and risk

The Head of Compliance & Risk is responsible for providing legal, compliance, po...
Salary: Not provided
HiRemoters (hiremoters.ai)
Expiration Date: Until further notice
Requirements
  • Master’s level education in law required
  • Expertise in contract law, compliance management and/or audit work preferred
  • 10+ years’ experience working in compliance-oriented roles for law firms, professional services firms or the non-profit sector required
  • 5 years’ experience managing a team required
  • Strong organization skills and attention to detail
  • Deadline oriented with the versatility to adapt quickly to new requests from management
  • Strong communication skills and ability to write and present clear and concise reports
  • Proven track record in developing policies and managing compliance is essential
Job Responsibility
  • Monitors means, techniques, and tools for the collection, safeguarding, analysis and reporting on programmatic achievements
  • Reviews and monitors means, techniques, and tools for the collection, safeguarding, analysis and reporting on the financial planning and management of awards
  • Oversight of data collection and responsibility for the associated data compliance systems (in line with applicable data privacy laws, practices, and internal procedures)
  • Ultimately responsible for overall streamlining of the awards management process. This includes support with contracts, documents, requests for proposal, requests for information, requests for quote, etc. (collectively RFx) and related matters
  • Accountable for the implementation of awards to ensure timely progress and according to submitted technical reports, proposed strategy, and work plans
  • Contributes to the organizational strategy, through successful development and deployment of relevant frameworks
  • Collaborates closely with programmatic leads in the development of programs and activities and advises on various frameworks such as operational and legal
  • Develops and maintains policies and systems for the operational management (administration, financial, procurement, etc.) of the program awards
  • Develops and maintains Zakat compliant policies and systems for the implementation of Zakat funding mechanisms managed by the Foundation
  • Develops and maintains the Foundation's risk assessment framework and has regular updates with SLT
What we offer
  • Flexible and Remote Working
  • Work from anywhere, supporting your work-life balance
  • Career Growth
  • We're committed to your development, offering training and advancement opportunities
  • Performance Recognition
  • Earn raises and career progression opportunities based on a quarterly performance review and a constructive feedback cycle
  • Health and Fitness Benefits
  • Receive fitness reimbursements from day one, and after one year of employment, gain access to a health budget to support your well-being
  • Extra Paid Annual Leave
  • Enjoy 22 days of vacation, with an additional day added for each year of employment, up to a maximum of 26 days
  • Fulltime

Head of Governance, Risk & Compliance

Lead the design and execution of the organization’s GRC strategy, ensuring it al...
Location: Egypt, New Cairo
Salary: Not provided
Ethics HR (ethicshr.com)
Expiration Date: Until further notice
Requirements
  • Bachelor’s or Master’s degree in Business Administration, Risk Management, Cybersecurity, Law, or a related field from a reputable university
  • Minimum of 10 years of experience in governance, risk management, compliance
  • Strong knowledge of GRC frameworks, industry standards, and regulatory requirements (e.g., ISO 27001, NIST, GDPR, SOX, HIPAA)
  • Relevant certifications such as CISM, CRISC, CISA, or similar GRC certifications are highly preferred
  • Proven track record of successful full leadership
  • Excellent command of English
Job Responsibility
  • Lead the design and execution of the organization’s GRC strategy, ensuring it aligns with corporate goals and objectives
  • Develop and implement governance frameworks, risk management processes, and compliance programs that adhere to regulatory requirements and industry standards
  • Oversee the risk management process, including risk identification, assessment, mitigation, and monitoring
  • Ensure compliance with relevant laws, regulations, and internal policies, including data protection, cybersecurity, financial, and operational regulations
  • Establish and maintain a strong risk management and compliance culture throughout the organization
  • Provide leadership and guidance to cross-functional teams to ensure effective implementation of GRC initiatives
  • Lead internal and external audits, managing the process and ensuring timely remediation of identified issues
  • Monitor and report on the organization’s risk posture and compliance status to executive leadership and the board
  • Develop, implement, and maintain policies and procedures to address risks and compliance obligations
  • Provide training and awareness programs to employees on GRC topics, fostering compliance and risk-conscious behavior

Head of Governance, Risk and Compliance - CISO function - BPL

The Head of GRC leads the pillar responsible for ensuring the organisation under...
Location: United Kingdom, London
Salary: Not provided
Barclays (barclays.co.uk)
Expiration Date: Until further notice
Requirements
  • CISM, CRISC, or CISSP certification
  • Experience with DORA (Digital Operational Resilience Act) compliance requirements and implementation
  • ISO 27001 Lead Auditor or Lead Implementer certification
  • PCI QSA or Internal Security Assessor (ISA) qualification
  • Previous experience in FinTech, Digital Banking, Payment Acquiring organisation
  • Experience with Visa GACS and Mastercard SDP acquirer compliance programmes
  • Significant progressive experience in information security governance, risk, and compliance, with at least 5 years leading a GRC team in a regulated environment
  • Strong understanding of UK GDPR and the role of security controls in meeting data protection obligations, including breach notification requirements and data protection impact assessments
  • Experience designing and operating security control frameworks mapped to multiple regulatory requirements simultaneously (e.g., a single framework serving PCI DSS, FCA, and GDPR)
  • Understanding of cloud-native architectures and their implications for compliance and risk management
Job Responsibility
  • Own the security policy framework, ensuring policies are current, proportionate, and aligned to PCI DSS, FCA expectations, UK GDPR, and DORA requirements
  • Maintain and operate the security risk register, ensuring risks are assessed consistently using a defined methodology, owned explicitly, and reported accurately to the CISO and Executive Leadership Team (ELT)
  • Manage the relationship with external auditors, the Qualified Security Assessor (QSA), and 2nd/3rd Line of Defence (LoD) on all security and technology risk matters
  • Own the third-party security assurance process, ensuring all vendors, partners, and card scheme integrations are risk-assessed with a tiered approach proportionate to data access and criticality
  • Chair the monthly Cyber and Tech Risk and Controls Forum, presenting risk posture, compliance status, and material findings to the CISO, CIO and ELT
  • Design and maintain the control framework, mapping controls to PCI DSS, FCA, UK GDPR, and DORA requirements, and ensuring control effectiveness is tested on a continuous cycle
  • Produce KRI dashboards and risk reporting for CISO, CIO, and ELT consumption, ensuring risk is communicated in business terms
  • Lead regulatory and audit engagement on security matters, coordinating regulatory review and audit interactions and proactively managing stakeholder relationships
  • Own the risk assessment calendar, ensuring both cyclical and event-driven assessments are executed on schedule with appropriate rigour
  • Manage the risk acceptance process, ensuring risk acceptance decisions are documented, time-bound, approved at the appropriate authority level, and reviewed before expiry
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime

Global Head of Cyber Risk and Compliance

The Technology & Cyber Compliance and Operational Risk Office (TCCORO) at Citi i...
Location: United States, Irving, Texas, United States, New York, New York, United States
Salary: 250000.00 - 500000.00 USD / Year
Citi (https://www.citi.com/)
Expiration Date: Until further notice
Requirements
  • 20+ years' experience in technology risk and/or cyber risk management in the banking/financial services industry, or related field, with at least 5+ years in 2nd or 3rd line senior leadership positions
  • Subject matter expert in technology risk and/or cyber risk management principles and practices across various information system architecture and engineering domains
  • Proven experience in managing complex risk portfolios and developing strategic risk management frameworks for large organizations
  • Robust understanding of operational risk management frameworks, industry standards, regulatory requirements, and risk mitigation practices
  • Experience managing and overseeing large remediation and transformation programs to achieve intended results
  • Extensive experience in effective written and verbal communication with executive audiences including Boards
  • Experienced risk challenger who balances risks vs. rewards aligned with corporate risk culture
  • Understanding of Citi products and services and downstream impacts of technology risk and/or cyber risk strategy
  • Professional certifications in either technology risk and/or cyber risk preferred, including: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), ERM, CET, ISO27001, COBIT, TOGAF, or CRI
  • In-depth, working knowledge of banking technologies, fraud, cybercrime detection and countermeasures, encryption, data retention, as well as information security support for segregation of duties, application development, network and systems operation, testing and vendor management
Job Responsibility
  • Oversight and challenge of the cybersecurity incident response programs
  • Oversight of the security operations center (SOC) and cybersecurity fusion center (CSFC)
  • Oversight of cybersecurity penetration testing and red-team operations
  • Oversight of the Chief Information Security Office (CISO), including the review of the effectiveness of the controls, standards and programs across the enterprise
  • Implementation of guidance for overseeing Emerging Technology and Operational Risks, in compliance with OCC Heightened Standards
  • Able to present and lead discussions with key Regulators, internal and external auditors, as well as the Board of Directors and the Risk and Audit sub-committees
  • Governance and Oversight of security risks impacting the business and technology
  • Support in the development of Cyber Policy and Standards
  • Oversight of Key Operational Risks and related indicators and thresholds
  • Challenge of Cyber Risk Self Assessments
What we offer
  • Discretionary and formulaic incentive and retention awards
  • medical, dental & vision coverage
  • 401(k)
  • life, accident, and disability insurance
  • wellness programs
  • paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays
  • Fulltime

Head of Security Governance, Risk & Compliance

We’re looking for a dynamic, experienced Head of GRC to lead our global governan...
Location: Luxembourg, Luxembourg
Salary: Not provided
PPRO GmbH (ppro.com)
Expiration Date: Until further notice
Requirements
  • A proven track record transforming traditional GRC frameworks (ISO27001, PCI DSS, SOC2) into modern, automated, developer-friendly control assurance programmes
  • Solid grounding in financial services regulation, payments, operational resilience, outsourcing/cloud guidelines etc.
  • Strong experience interacting with regulators and auditors (CSSF, FCA, etc.) and implementing regulatory requirements
  • Proven ability to run risk management processes, control frameworks and audit cycles
  • Experience evaluating technology, cyber and operational risks in a cloud-native environment
  • Engineering-first mindset, with an understanding of cloud-native architectures (AWS preferred) and how GRC requirements fit into engineering workflows
  • Experience with GRC tooling, workflow automation or process optimisation
  • Ability to translate regulatory requirements into practical, technical control expectations
  • Excellent communicator, capable of influencing executives, engineers, auditors and regulators
  • Pragmatic, commercially-minded, empathetic and customer-focused
Job Responsibility
  • Lead PPRO’s global Security GRC strategy and team, to support our international regulatory and compliance footprint
  • Oversee and enhance our ISO27001:2022 and PCI DSS v4.0 programmes, building a culture of continuous compliance through automation and control transformation
  • Partner with relevant functions to ensure ongoing DORA compliance, including security risk management, incident reporting, operational resilience testing and governance
  • Define and deliver a strategy for a pragmatic, high-value 2nd line automated control assurance programme, underpinned by relevant business metrics
  • Own and manage regulatory expectations on security topics by the CSSF in Luxembourg, FCA in the UK and other international bodies as relevant
  • Maintain and enhance PPRO’s security risk register, defining and delivering cross-organisation improvement and remediation roadmaps
  • Lead security control testing, issue management, KRI monitoring, SLA reporting and Board-level reporting
  • Act as Information Security Officer for PPRO’s local Luxembourg entity
  • Own third party security risk management and oversight for PPRO across the full procurement lifecycle
  • Partner closely with Engineering to build shared understanding and transform controls via thoughtful automation, streamlining evidence collection and control monitoring
What we offer
  • Hybrid working with a 3 days / week on site expectation
  • Work from abroad policy, enabling employees to work remotely for up to another 30 days per year
  • €1,000 annual budget for professional growth
  • Leadership cafés, on-the-job training
  • Lunch Vouchers - 12,80euros x 18 / month
  • Enhanced family leave
  • Travel Insurance
  • Gym membership contribution
  • Mental Health Platform
  • Pet-friendly office
  • Fulltime