Head of Legal, Risk & Compliance

Key Responsibilities

• Act as the company’s senior legal advisor, providing pragmatic and commercially focused advice to the Board and Executive Team.
• Ensure the company operates within its constitutional and statutory framework, maintaining full compliance with company law and governance standards.
• Manage company secretarial responsibilities, including Companies House filings, board documentation, and shareholder communications.
• Support directors in understanding and fulfilling their statutory duties.
• Provide legal support to HR on employment law issues, including employment contracts, consultancy agreements and internal policies.  Plus advise on disciplinary, grievance, restricting and termination matters
• Advise on corporate structure, shareholder agreements, and subsidiary management.

• Develop and oversee the company’s contract management framework, including drafting, negotiation, approval, and maintenance of key agreements.
• Review, draft, and negotiate a wide range of commercial contracts, including:
• Energy supply, brokerage, and commission-sharing agreements
• Consultancy and advisory service contracts
• Data sharing and processing agreement.
• Supplier and subcontractor contracts
• Non-disclosure and framework agreements
• Maintain and update standard templates and terms to support commercial efficiency and risk control.
• Advise on contract strategy, risk allocation, limitation of liability, indemnities, warranties & termination rights.
• Provide legal support for tenders, procurement processes, and strategic partnerships.
• Support cross-border agreements where clients or partners operate internationally.

•  Ensure compliance with all applicable laws and regulations governing energy broking and consultancy activities, including Ofgem guidance and industry codes of conduct.
• Oversee the compliance framework, policies and procedures to ensure regulatory obligations are met, helping the company to maintain existing ISO certifications and drive for additional Group-wide ones
• Monitor regulatory developments affecting the energy and environmental services sectors and advise on implementation requirements.
• Liaise with regulators, auditors, and accreditation bodies as the company’s primary point of contact for compliance matters.
• Own customer onboarding and compliance process from a governance & risk perspective, ensuring oversight of appropriate controls and processes across the organisation.
• Lead internal compliance reviews and audits, ensuring findings are addressed promptly.
• Promote a culture of compliance and ethical business practice throughout the organisation.
• Own H&S policy and practices and external certifications.

• Oversee compliance with the UK GDPR and Data Protection Act 2018 across all operations.
• Develop and maintain data protection policies, data processing registers & breach management procedures.
• Act as or supervise the company’s Data Protection Officer (DPO).
• Ensure that all contracts include appropriate data protection provisions and that third parties meet the company’s data security standards.
• Lead responses to subject access requests, data breaches, and regulator communications.

• Manage all legal disputes, client claims, or regulatory investigations efficiently and with a commercial lens.
• Lead early-stage dispute resolution and mediation to preserve client and supplier relationships.
• Instruct and oversee external legal counsel where necessary, managing cost, scope, and quality of advice.
• Maintain oversight of potential liabilities, settlements, and legal exposure across the group.

• Develop and deliver targeted training on legal, contractual, and compliance topics including anti-bribery, data protection, and conduct in regulated markets.
• Promote awareness of compliance obligations and foster a culture of accountability and good governance across all departments.

Skills, Knowledge and Expertise

• Minimum of 5 years working in a comparable role
• Must be comfortable delivering through a virtual team, as accountability for ensuring compliance sits with this role, whilst some day to day responsibilities sits elsewhere in the organisation
• Able to hold the relevant business owners and areas accountable to deliver their responsibilities 
• Legal or compliance background
• Internal and external auditing
• Understanding of general legislation including GDPR, financial, H&S
• Policy writing

• Experience of working in the Energy Industry or a business with similar legislative demand.
• Experience of the Construction Industry
• Experience of maintaining ISO certified management systems
• Experience of FRS legislation 

• Legal or Compliance related qualification
• NEBOSH / IOSH
• ISO Lead Auditor / Internal Auditor
• CQI or IRCA certificate in Quality Management

• Excellent communication and presentation skills
• Exceptional attention to detail
• Excellent contract, report and policy writing skills
• Authority at all levels of the organisation