Tottenham Hotspur FC

Head of Risk and Compliance


Posting Date

Nov 7, 2022

Role description

Job Summary

Founded in 1882, Tottenham Hotspur Football Club is an English Premier League Club, based in North London.
Led by the late great Bill Nicholson, the Club became the first in England to win the League and FA Cup Double in 1961, and the first in the UK to win a European Trophy two years later. Spurs has since been home to some of the game's great entertainers, including Jimmy Greaves, Glenn Hoddle, Paul Gascoigne, David Ginola, Gareth Bale, Heung-Min Son and Harry Kane.
In April 2019, the Club opened an iconic new stadium that sits at the heart of a £1billion sport-led regeneration of North Tottenham. The stadium is the largest football club stadium in London and is a multi-use venue with the ability to host a variety of events 365 days a year, including NFL, boxing, rugby, concerts and other major events, plus visitor attractions including Stadium Tours and the Dare Skywalk.
The stadium development scheme has to date created more than 4,000 new jobs for local people, with circa £300m pumped into the local economy each year.
Tottenham Hotspur has:

A clear strategy to develop talent from within its Academy, showcased by a strong track record of Academy players graduating to the first-team squad.
A £100m state-of-the-art Training Centre that supports the Club's ambition to attract, develop and retain the best talent.
Commercial partnerships with globally-recognised brands including AIA Group Limited (AIA), one of the world's leading providers of life insurance services, and Nike, the world's leading sports footwear and apparel company
A commitment to minimizing its environmental impact across Club operations, being named as the greenest in the Premier League for the past three years. Tottenham Hotspur is a signatory of the UN Sports for Climate Action Framework, committing to halve carbon emissions by 2030 and become net zero carbon by 2040
An award-winning Foundation that is renowned for creating opportunities to help enhance the lives of people in its local community through education, employment, health and social inclusion programmes

The Club is seeking a Head of Risk and Compliance to take full responsibility for the management of the Club's risk and compliance obligations, ensuring all statutory requirements are being met or exceeded and delivering to the highest of standards.
Safeguarding is fundamental to the success in all that we do. Successful candidates are subject to an enhanced DBS check.
Tottenham Hotspur Football Club welcomes applications from anyone regardless of age, disability, race, colour or ethnic and national origins, religion or belief, or sexual orientation.

Key Responsibilities

Monitor compliance with data protection and privacy legislation and the Club's related policies in an environment dealing with significant amounts of personal data.
Advise and support teams across the business to meet their obligations to protect personal data in line with legislation.
Monitor regulatory and legislative developments to devise and maintain policies and procedures to regulate the processing of personal data and set out how to interact with external bodies, regulatory authorities, and data subjects.
Establish and maintain influential working relationships at all levels necessary to successfully promote compliance strategies, and continuous improvement opportunities.
Review contracts to ensure that appropriate data protection wording is included.
Manage data subject access requests within stipulated timeframes.
Document new processes and assist the business in completing relevant assessments, e.g., privacy impact, legitimate interests, and data protection impact assessments.
Co-manage the Club's system asset register to ensure all platforms used to process personal data across the Club are documented and assessed.
Manage the Club's Risk and Compliance systems including GRC and Due Diligence platforms.
Review completed assessments and take any identified risks through a treatment process with the business, assigning and managing the completion of tasks where required.
Manage third-party relationships for the maintenance of existing Risk and Compliance platforms and create business requirements for any identified enhancements.
Perform ongoing compliance reviews of all active vendors to cover a broad range of compliance checks.
Carry out rationalisation exercises to identify any overlap in vendor services and, where appropriate, question business plans to change existing arrangements.
Manage the compliance on-boarding of new vendors to ensure adherence with Club policy.
Co-manage the Club's risk register along with other departments.
Act as a key stakeholder on compliance-related projects.
Oversee and implement an ongoing staff compliance training program.
Ensure that staff are aware of their compliance responsibilities, accept accountability and understand reporting obligations.
Sustain a strong risk culture that identifies and provides oversight and escalation of existing and emerging compliance issues across business units, legal entities, geographies, and jurisdictions.
Develop and articulate sound proposals to key stakeholders which influence and drive timely decision making.
Cultivate relationships and collaborate with multiple stakeholders, including Heads of Departments, internal and external Legal counsel, regulatory bodies and auditors.
Establish a large-scale vision, developing the strategy to support the vision, gaining consensus across key functional leadership areas through effective communications and successful delivery against goals and objectives.

Personal Attributes

Thinks ahead, generates innovative ideas
Values and respects others, builds relationships, collaborates
Gets things done, delivers to highest of standards, takes responsibility

Skills and Experience

Extensive experience in managing a compliance function with a focus on data protection.
A solid understanding of European and UK data protection law.
Both CIPM and CIPP/e qualifications or relevant alternative.
An understanding of other relevant compliance functions such as ESG, PCI-DSS, AML and EDI.
Demonstrable experience of delivering sustainable compliance frameworks.
Management and subsequent treatment experience of a digital risk register.
Ability to work autonomously in creating and executing strategies.
Excellent verbal and written communication skills.
Experience in process and data flow mapping.
Experience in using GRC and due diligence technology.

Closing: 18 Nov 2022
