Director, Third Party Risk & Export Controls

Director, Third Party Risk & Export Controls - London - Nscale

About Nscale

Nscale is the GPU cloud engineered for AI. We provide cost-effective, high-performance infrastructure for AI start-ups and large enterprise customers.  Nscale enables AI-focused companies to achieve superior results by reducing the complexity of AI development. Our GPU cloud bolsters technical capabilities and directly supports strategic business outcomes, including cost management, rapid innovation, and environmental responsibility.

At Nscale, our Legal & Compliance team plays a critical role in driving business success by partnering with stakeholders to anticipate regulatory change, operationalize compliance requirements, and deliver solutions that protect the company while enabling commercial opportunities, to scale confidently, sustainably, and with integrity.

We thrive on a culture of relentless innovation, ownership, and accountability, where every team member takes pride in their work and drives it with excellence and urgency. As an Nscaler, you’ll build trust through openness and transparency, where everyone is inspired to do their best work. If you join our team, you’ll be contributing to building the technology that powers the future.

About the role

Nscale is building and operating AI infrastructure across multiple jurisdictions. This role owns day-to-day sanctions compliance and leads the trade controls and third-party risk framework across the group. You will set standards, build scalable processes, and provide second-line oversight, embedding requirements into procurement and regional operations and delivering clear, practical advice to commercial and delivery teams.

This is a hands-on role: part operational execution, part programme build, and part senior advisory.

What you'll be doing 

Sanctions compliance (day to day)

• Own day-to-day sanctions compliance for Nscale globally, including triage, escalation, and decision support.
• Maintain denied party and sanctions screening standards, manage potential matches, and document outcomes clearly and consistently.
• Lead sanctions reviews across customer, supplier, and partner relationships, including ownership and control analysis where required.

Trade controls and export controls assurance

• Develop and maintain an export control classification matrix identifying the Export Control Classification Number (ECCN) for each item Nscale exports or reexports that is controlled under the Export Administration Regulations (EAR) above EAR99, and the equivalent UK/EU control references where relevant.
• Build and maintain the operating processes behind the matrix: classification intake, supporting evidence, recordkeeping standards, reclassification triggers, and periodic review.
• Own export control licensing and licence-exemption analysis, including end-use and end-user checks, end-use certifications where required, and the controls needed to rely on exemptions/exception pathways.
• Partner with Legal and Procurement to embed appropriate trade controls contracting into customer and supplier agreements (including sanctions and export control clauses, restrictions, audit rights, and technology transfer terms where applicable).
• Provide practical guidance on imports/customs matters where they intersect with sanctions and trade controls, including escalation of higher-risk issues.

Regulatory engagement and submissions

• Lead submissions and correspondence with regulators, including disclosures and requests for advisory opinions, interpretive guidance, CCATS rulings, or similar communications submitted to OFAC, BIS, and relevant EU/UK authorities, relating to economic sanctions, export control laws/regulations, or import/customs laws/regulations (collectively, “Trade Controls”).
• Coordinate internal fact finding, evidence gathering, drafting, and stakeholder alignment to ensure timely, consistent, and defensible submissions.

Third-party risk, KYC, and onboarding (standards and oversight)

• Set the global standards and operating model for third-party risk management (TPRM) and KYC across customers, suppliers, intermediaries, and other relevant third parties, including segmentation, diligence levels, UBO mapping, sanctions risk, adverse media, and refresh cycles.
• Work closely with Procurement, Finance Ops, and regional teams to embed requirements into onboarding workflows, with clear artefacts, SLAs, and escalation routes.
• Own escalation, approvals, and decisioning for higher-risk third parties and complex ownership/control structures, ensuring outcomes are well-documented and defensible.
• Provide clear advisory notes to support customer and vendor onboarding decisions, balancing risk and commercial objectives.

Investigations, incident response, and issue management

• Lead or support investigations and incident response for trade controls, sanctions, and third-party risk issues, including triage, evidence collection, remediation plans, and lessons learned.
• Maintain clear escalation routes, decision logs, and communications for incidents and near-misses.

Controls governance and reporting

• Maintain the risk and controls register for trade controls, sanctions, and third-party risk, including control descriptions, ownership, frequency, and remediation status.
• Support  management reporting and board-ready updates as needed, focused on risk trends, exceptions, and operational impact.
• Be accountable for process mapping and documentation for this risk area, with clear hand-offs to operational owners.

Training and enablement

• Support the wider compliance programme, including annual training refresh cycles and targeted enablement for procurement, commercial, and operations teams.
• Contribute to compliance communications and practical playbooks that make requirements easy to follow.

About You 

• Senior compliance professional with significant experience across sanctions, export controls/trade compliance, and third-party risk in a multinational environment, ideally spanning technology, hardware, infrastructure, or SaaS.
• Strong working knowledge of export classification and licensing concepts, and the ability to translate requirements into simple processes and decision tools.
• Demonstrated experience embedding controls into procurement and onboarding workflows, without creating unnecessary friction.
• Comfortable engaging senior stakeholders, writing clear advisory notes, and influencing outcomes in fast-moving environments.
• Experience working with external counsel and regulators, including coordinating high-quality submissions and documentation.
• Strong judgement, calm under pressure, and highly organised, with a practical, solutions-led approach.

What we can offer you 

• A collaborative, supportive, and innovative environment where your contributions will make a real impact.
• A competitive compensation package (base + equity) with reviews every X months. This is a level XX [early career] role and we can pay XX-XX depending on experience.
• Work at one of the fastest-growing tech startups, backed by top PE/VC firms like XXXX.
• A clear progression plan. We want you to keep growing. That means trying new things, leading others, challenging the status quo and owning your impact. Always with our complete support.
• Flexibility: We see you as individuals first, employees second. This approach includes all the expected perks but goes beyond that to offer true flexibility. We’re proud to be a workplace that trusts our Nscalers to excel in their roles while giving you the freedom to shape your day- whether that means fitting in a school drop-off or taking a midday break for a walk with your dog.
• Hybrid Working: Join our hybrid team, and enjoy the flexibility of self-led remote work, allowing you to create a productive and balanced work-life setup, while staying connected with your global team.

Equal Opportunities 

We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.

If there’s anything we can do to accommodate your specific situation, please let us know.

The responsibilities outlined in this job description are not exhaustive and are intended to provide a general overview of the position. The employee may be required to perform additional duties, tasks, and responsibilities as assigned by management, consistent with the skills and qualifications required for the role.

For information on how Nscale handles candidate personal data, please see our Employee & Candidate Privacy Notice: Here.