Head of Governance & Compliance

Thanks for stopping by! We’re Doctor Care Anywhere: a leading digital platform, with a clear vision to be the primary care provider of choice for digital healthcare – and that all starts with our brilliant team.

We are the UK’s largest private provider of telehealth services. We work with insurers, healthcare providers and corporate customers to provide healthcare services to more than 2 million patients every year. From doctors and designers to software developers and marketers – we’re proud of our people, who love working together to enhance patient experiences for the better. It’s why every year, we help over 2 million people speak to a GP or ANP by video or phone, anywhere in the world.

Our story started back in 2013, and as we continue to grow, we’re looking for the very best talent to help us achieve our ambitious goals. If you’re highly motivated and would love to work with us as we continue to grow, then we would love to hear from you!

Your new role: As the Senior Governance & Compliance Manager, you will work closely with and support the Chief Risk Officer and have input in the scoping and delivery of end-to-end GRC initiatives and projects, to drive compliance and improve standards for our teams, patients and doctors, within Doctor Care Anywhere (DCA) and its subsidiary companies.

Responsible for delivery and maintenance of the compliance activities for ISO 27001 and 9001 requirements, including maintenance of the ISMS. This role will manage the process across the organisation, working closely with all departments and teams, delivering ISO workshops and any required training.


  • Manage the document control process for the business
  • Oversee the implementation and embedment of DCA’s policies, processes and protocols whilst ensuring that they have been documented, reviewed periodically and are easily accessible by staff
  • When required assist with the development of GRC policies, procedures and frameworks
  • Develop an internal control risk management assessment process to test compliance against policy and procedure requirements and principles
  • Support organisational compliance / regulations initiatives across clinical and non-clinical areas
  • Manage the ISO 27001 and ISO 9001 certifications and any new ISO certifications the company signs up to. Ensure QMS processes are established, implemented, and maintained. Review and plan internal audits.
  • Coordinate and manage the ISO audit on an annual basis and for recertification
  • Contribute to the delivery of the GRC annual assurance plan
  • Undertake second line ISO/Internal Audit and other reviews at least annually prior to external audits
  • Manage the organisation’s business continuity and operational resilience plans and processes working with all clinical and non-clinical areas.
  • The management of the Compliance Manager and any other staff members across the GRC team.

Key attributes


  • Analytical mind with an aptitude for figures and data-driven argumentation, very good Excel skills are a must;
  • High-level written communication skills, including but not limited to writing policies, reports, plans and training;
  • Strong attention to detail and the ability to identify abnormalities by triangulation;
  • Problem solving will come naturally to you, with the ability to set priorities, manage multiple deadlines and effectively deliver tasks and processes on time;
  • You will be able to work both autonomously, and effectively contribute to a team;
  • Highly computer literate (Microsoft and business applications) with the ability to quickly become familiar with new systems / programs.


  • Demonstrated experience in implementing and reviewing policies, plans and procedures;

Experience / Attributes

  • Experience of ISMS production and delivery as part of an ISO 27001 certified programme
  • Experience of managing client/business partner security assurance programmes
  • Recent experience of working in a similar capacity in a healthcare or insurance environment
  • Excellent interpersonal skills, comfortable working at all levels within an organisation and in a wide variety of situations
  • Relevant industry certification (e.g. ISO 27001 Lead Auditor, CISSP, CISM, etc.) desirable
  • Excellent knowledge of methodologies, processes and tools associated with supporting this function effectively


We understand the importance of good health and happiness for our patients, and our team is just the same. You should expect to be supported and valued as a member of our team and have the freedom to make the most of your role and career with us! When you’re part of the team you will have access to:

  • Free Private Medical Insurance (savings on vision and dental care plus 40% off Nuffield Health gym membership)
  • Doctor Care Anywhere subscription for you + 5 members of your friends or family
  • Company bonus
  • 25 days holiday + bank holidays
  • Birthday Day Off!
  • 4 x charity days a year
  • Enhanced Maternity and Paternity pay
  • Life Assurance
  • Bike2Work scheme
  • Cross-team collaboration opportunities in an autonomous environment
  • Remote / Flexible Working with contribution towards home set up and your laptop provided
  • Range of Development opportunities including learning and progression

Doctor Care Anywhere is committed to safeguarding and promoting the welfare of its patients and expects all Colleagues to share this commitment. This post is subject to satisfactory DBS and reference checks.
