IT Governance, Risk and Compliance Analyst managing compliance initiatives like NIST and ISO standards in technology and security operations.
About the role
- GRC Specialist leading company’s governance, risk, and compliance strategies for information security and financial regulations. Ensuring effectiveness of controls, policy alignment, and readiness for audits.
Responsibilities
- Maintain compliance and control frameworks aligned with ISO 27001, SOC 2, PCI DSS, GDPR, DORA, and other applicable regulatory standards.
- Maintain the corporate policy suite, ensuring version control and alignment with regulatory expectations.
- Design and enforce corporate governance policies across business units.
- Drive employee awareness and compliance attestations.
- Facilitate governance steering committees and board-level reporting.
- Coordinate external audits, regulatory queries, and remediation evidence packs.
- Lead business process and asset risk assessments aligned to ISO 27005 and DORA risk taxonomy.
- Run internal compliance reviews, document control deviations, and manage corrective actions.
- Assess operational and supplier dependencies with business continuity impact analysis (BIA) inputs.
- Conduct internal control reviews, regulatory gap assessments, and readiness projects for certifications and supervisory audits.
- Partner with IT to implement control automation, compliance tooling, and evidence repositories.
- Monitor emerging laws, supervisory guidelines, and industry standards, and translate them into actionable roadmap items.
- Support BCP/DR governance and testing programs with measurable RTO/RPO targets.
- Coordinate major incidents reporting procedures and regulatory notifications.
- Own compliance dashboards, KPIs/KRIs dashboards, and audit-ready records.
- Present actionable risk insights to Audit & Risk Committees and regulators.
Requirements
- Bachelor’s degree in Information Security, Risk Management, IT, Finance, or a related field.
- Professional certifications such as ISO 27001 Lead Implementer/Auditor, CRISC, CISA, CISSP, or equivalent are highly desirable.
- Proven experience (3–5+ years) in Governance, Risk & Compliance, information security, or operational resilience roles.
- Hands-on experience with regulatory frameworks including ISO 27001, SOC 2, PCI DSS, GDPR, and financial regulations such as DORA.
- Experience coordinating audits, risk assessments, compliance reviews, and regulatory engagements.
- Demonstrated track record in implementing, monitoring, and reporting GRC programs across complex, multi-jurisdictional environments.
- Strong understanding of risk management frameworks, operational resilience, and control assurance methodologies.
- Ability to interpret regulatory guidance and translate it into actionable business policies and processes.
- Excellent analytical skills with attention to detail and accuracy in documenting controls, risks, and audit evidence.
- Effective stakeholder management and communication skills, including the ability to present findings to senior management and regulatory bodies.
- Proficiency in GRC tools, compliance management systems, and Microsoft Office/Power BI for reporting purposes.
- Ability to manage multiple priorities, drive initiatives, and work independently as well as collaboratively across teams.
- High integrity, accountability, and commitment to ethical standards.
- Proactive and solution-oriented mindset with a continuous improvement approach.
- Strong organizational skills with the ability to maintain compliance records and evidence in audit-ready condition.
Benefits
- Future-Proof Your Finances: Once you’ve passed probation, we’ll kickstart your Provident Fund to secure your future.
- Grow with Us: Annual Learning Budget for professional development (after probation)—because your growth is our growth.
- Wolt Your Way Through Lunch: €150 monthly Wolt allowance to keep you fueled and happy.
- Drive in Style: After one year with us, you may be eligible for a company car—performance and availability permitting.
- Park with Ease: Complimentary parking space just steps from the office, so your commute is as smooth as your workday.
- Max Out Your Downtime: 25 days of vacation + public holidays, plus an additional 10 sick days to rest when needed.
- Shop & Save: Exclusive local discount card + tickets for exciting events like Beonix, basketball games, and more.
- Speak Like a Local: Join free Greek language classes, twice a week, open to all team members.
- Celebrate Together: Twice a year, we bring colleagues from all offices together for unforgettable company celebrations.
- Global Collaboration & Events: Opportunities to participate in international company events and initiatives, connecting with colleagues from all regions and contributing to a truly global community
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Compliance Specialist overseeing regulatory adherence for youth programs in Gainesville. Ensuring DCF compliance and supporting youth program safety and integrity.
Technologist at FortisBC ensuring compliance with BCUC Critical Infrastructure Protection Standards. Focus on integrating business technology and providing technical support.
Compliance Examiner Business Lead at Freddie Mac conducting on - site examinations and ensuring financial activities align with laws. Engaging with financial institutions to enhance operational effectiveness.
Compliance Professional supporting Freddie Mac's investment and ethics policies. Engaging with compliance risks and overseeing regulatory obligations to promote best practices.
Compliance Officer at Hewlett Packard Enterprise ensuring adherence to compliance regulations, managing AML programs, and conducting risk assessments. Driving compliance culture across markets and delivering training to employees.
Risk Manager at Cisco Capital ensuring regulatory compliance and effective risk management practices. Focus on safeguarding financial health and collaboration within an international environment.
Regulatory Reporting Specialist managing outsourced reporting service providers in Germany and Spain. Ensuring compliance with banking regulations and supporting audits and reviews.
Assisting partners at Clyde & Co with business inception processes and anti - money laundering procedures. Involves reviewing requests and conducting conflict checks within the firm's compliance framework.
Senior Analyst, OSS Compliance managing open - source software assets for The Hartford. Ensuring compliance and visibility into OSS usage as part of software asset management process.