Job Role: Project, Risk, Compliance & Governance Manager (Full Time)
About the Company
Founded in 2017, Medi2Data powers access to consented and curated medical data through cutting-edge technology and specialist services. We streamline and digitise the secure exchange of medical information, supporting GP practices, instructing parties, and patients. By addressing challenges on both the demand (Client Services) and supply (Primary Care Services) sides of the ecosystem, we enable faster, more efficient, and compliant medical data transactions. We are transforming how medical data is accessed and managed in the digital age.
The Role
Reports To:
Chief Operating Officer
Banding:
Band 3
Location & Term:
Hybrid | Full-Time | Permanent
Job Overview
Medi2Data is seeking an experienced and highly organised Project, Risk and Compliance Manager to lead the coordination of key projects while ensuring the highest standards of regulatory compliance and governance. This full-time position combines strategic project delivery with oversight of risk frameworks, data protection, accreditations, and policy assurance.
Working across departments and with external partners, the successful candidate will ensure projects are delivered on time and in alignment with ISO27001, Cyber Essentials, NHS DSPT, and other applicable frameworks. You will drive operational effectiveness while safeguarding trust, integrity, and compliance in our digital health services.
Key Responsibilities
Lead delivery of strategic and operational projects, ensuring scope, budget, and timelines are met
Develop and manage robust internal risk, compliance, and governance frameworks
Produce and maintain detailed project plans, risk logs, and audit trails
Complete and submit documentation for accreditations including NHS DSPT, Cyber Essentials, and ISO standards
Track regulatory changes and maintain up-to-date compliance with GDPR, NHS standards, and ICO guidance
Coordinate cross-functional teams and third-party vendors, ensuring stakeholder alignment
Conduct internal audits, investigations, and due diligence checks for new clients and suppliers
Monitor and manage project and compliance-related documentation and performance reports
Deliver governance communications and training across the business
Promote a culture of operational excellence, proactive risk management, and continuous improvement
Key Relationships
Chief Operating Officer (line manager)
Heads of Department (Operations, Engineering, Customer, Quality and Standards)
Clinical Operations Manager
External clients, vendors, regulators, and audit bodies
Person Specification
Proven experience in managing projects, compliance, and risk frameworks in regulated environments
Familiarity with ISO27001, Cyber Essentials, NHS DSP Toolkit, and data governance standards
Skilled in project management methodologies and tools (e.g., Agile, Waterfall, Jira, MS Project)
Strong analytical and organisational skills with a high attention to detail
Excellent communicator with experience engaging stakeholders at all levels
Self-starter with initiative, resilience, and commercial acumen
Experience in digital health, SaaS, or NHS-related organisations preferred
Core Competencies (Band 3 - Manager Level)
Accountability
- Owns project and compliance outcomes end-to-end, ensuring tasks are delivered to high standards and timelines.
Leadership
- Guides cross-functional teams and stakeholders through change, compliance, and project delivery with clarity and influence.
Decision Making
- Makes data-informed decisions under pressure, assessing regulatory, operational, and commercial risk.
Planning & Prioritisation
- Manages concurrent priorities across project delivery and governance requirements, adjusting plans as needed.
Analytical Skills
- Uses audit results, delivery metrics, and risk data to drive improvements and ensure compliance.
Problem Solving
- Investigates root causes of issues and develops practical, effective solutions that reduce future risk.
Effective Communication
- Produces clear project documentation and compliance materials; tailors messaging to audience needs.
Relationship Management
- Builds trust and resolves tensions across departments, vendors, and audit bodies.
Continuous Improvement
- Identifies and implements opportunities to enhance systems, processes, and team effectiveness.
Performance Management
- Tracks progress on project goals and compliance KPIs, providing feedback and accountability.
Customer Service
- Maintains strong service delivery and user experience while upholding compliance standards.
Change Management
- Leads teams through change processes, from compliance updates to new technology adoption.
Service Delivery Mindset
- Focuses on outcomes that are timely, high quality, and client-focused, with an eye on long-term service performance.
Coaching
- Shares expertise to build capability across teams; delivers training and supports policy understanding.
Risk Awareness
- Maintains live awareness of the risk environment; escalates and mitigates risks in a structured and timely manner.
Equal Opportunities
Medi2Data is committed to creating a diverse and inclusive workplace. We welcome applications from all qualified individuals regardless of gender, race, age, disability, religion, or background.
How to Apply
Please submit your CV and a short cover letter to . Interviews will be held on a rolling basis.
Job Types: Full-time, Permanent
Pay: 30,000.00-35,000.00 per year
Benefits:
Company events
Free parking
On-site gym
On-site parking
Schedule:
Monday to Friday
Work Location: Hybrid remote in Cardiff CF24 5EA