Legal Compliance Officer at Clicks Group

Introduction

• We are seeking a proactive and detail-oriented Legal Compliance Officer to support the development and continuous improvement of the Group’s risk-based compliance framework.

Job description

Job Purpose

• To support the development, implementation and continuous improvement of a practical, risk-based compliance framework across the Group, ensuring that key regulatory obligations are identified, understood, monitored and embedded into business processes.
• The role supports the Legal Department and business in managing regulatory change, compliance monitoring, policy governance, training, data privacy support, regulatory engagement, incident remediation and governance reporting, with a strong focus on using technology and data to improve the efficiency and effectiveness of the compliance function.

Job Objectives

• Develop, implement, monitor and continuously improve the Group compliance framework, incorporating sound compliance, risk management and corporate governance principles.
• Maintain the Group’s regulatory universe, compliance registers, obligation trackers, policy registers and compliance monitoring tools, ensuring key obligations are mapped to responsible business owners and practical controls.
• Monitor and report on regulatory developments applicable to the Group and prepare practical impact assessments, including affected business areas, key risks, required actions, owners and implementation timelines.
• Provide compliance advice and support to senior leadership and business stakeholders to mitigate regulatory, operational and reputational risk.
• Drive the use of legal and compliance technology to improve regulatory obligation tracking, policy management, training, third-party risk processes, evidence retention, monitoring, dashboards and governance reporting.
• Develop, document, update and maintain Group-wide compliance policies, protocols, standards, procedures and guidance notes.
• Develop and deliver compliance and regulatory training across the Group, including targeted training for higher-risk business areas.
• Support compliance monitoring, assurance and remediation by assessing key controls, tracking compliance failures, audit findings, incidents, complaints and corrective actions to closure.
• Support data privacy and information governance processes, including POPIA compliance, privacy impact assessments, data subject requests, data incidents, privacy training and Deputy Information Officer responsibilities where required.
• Support regulatory engagement, third-party compliance processes and matters with potential regulatory or reputational consequences, including regulator enquiries, inspections, vendor risk assessments, customer complaints and communications support.

Minimum requirements

Job Related Knowledge

Essential

• Compliance management frameworks and principles 
• Regulatory risk management 
• Corporate governance principles 
• Policy governance and compliance monitoring 
• Regulatory horizon scanning and impact assessment 
• Data privacy and information governance, including POPIA 
• Practical understanding of legal and regulatory controls 
• Governance reporting and preparation of management-level reports 
• Use of compliance, legal operations, risk or governance technology 

Desirable

• Knowledge of legislation applicable to retail, healthcare, medicines, pharmacy, consumer protection, advertising, data protection and e-commerce 
• Experience in a listed company or regulated environment 
• Third-party / vendor risk management 
• AI governance, digital compliance or data ethics 
• Cross-border compliance exposure in Sub-Saharan Africa 
• Information security governance awareness

Job Related Skills

Essential

• Strong written and verbal communication skills, with the ability to explain complex legal and regulatory requirements clearly to business stakeholders.
• Strong analytical, problem-solving and risk assessment skills, with the ability to identify practical, risk-based solutions.
• Strong drafting skills, including policies, procedures, reports, training material and compliance guidance.
• Ability to translate regulatory obligations into practical business controls, processes and remediation actions.
• Strong stakeholder management skills, including the ability to influence, challenge constructively and work across multiple business functions.
• Project management, planning and organisational skills, with the ability to manage multiple workstreams and deadlines.
• Comfortable working with technology, data, dashboards and compliance platforms.
• Strong attention to detail, commercial awareness and ability to work independently and as part of a team.

Desirable

• Experience with compliance, GRC, legal operations, contract management, policy management or workflow platforms 
• Experience with dashboarding, reporting tools or compliance data analytics 
• Experience designing or improving compliance processes 
• Experience developing and presenting training to non-legal audiences 

Job Experience

Essential

• Minimum of 5 years’ experience in a compliance, legal, regulatory, governance, risk, privacy or assurance role.
• Experience developing, implementing or maintaining compliance frameworks, policies, procedures, registers, training and monitoring activities. 
• Experience preparing regulatory impact assessments, compliance reports or governance updates. 
• Experience working with business stakeholders to implement compliance controls and remediation actions. 
• Experience supporting privacy, data protection or information governance processes. 

Desirable

• Experience in a listed, regulated, retail, healthcare, pharmaceutical, FMCG, wholesale, distribution or multi-site environment. 
• Experience working with regulators or supporting responses to regulatory enquiries, inspections or investigations.
• Experience using or implementing legal, compliance, GRC, risk or policy management technology. 
• Experience with third-party / vendor compliance processes.
• Experience supporting board, committee or senior management reporting. 

Education

Essential

• Relevant degree in law, commerce, risk, governance, compliance, finance or a related field. 
• Compliance, privacy, risk or governance qualification, or demonstrable equivalent experience. 

Desirable

• Admitted attorney or advocate. 
• Certificate in compliance management. 
• CIPP/E, CIPM or equivalent privacy qualification. 
• CGISA or other governance qualification. 
• ISO 27001, information security governance or cybersecurity governance exposure. 
• Relevant postgraduate qualification in law, governance, compliance, risk, privacy or business. 

Job Related Competencies

• Applying expertise and technology 
• Presenting and communicating information 
• Analysing 
• Planning and organising 
• Deciding and initiating action 
• Working with people 
• Adapting and responding to change 
• Adhering to principles and values 
• Delivering results and meeting expectations 
• Persuading and influencing 
• Coping with pressure and setbacks 
• Entrepreneurial and commercial thinking 
• Learning and researching

Apply by: 24 May 2026