Governance, Risk & Compliance Specialist managing security compliance for Skroutz while operationalizing key regulatory and legal requirements. Collaborating across teams to ensure ongoing compliance.
Responsibilities
Execute the Roadmap: You will implement the security strategy set by the CISO, ensuring entities meet the requirements of an "Important Entity" under NIS2 (Law 5160/2024) while ensuring full compliance with relevant national and European regulations (EU AI Act, CRA, DSA, etc.).
Manage Regulatory Relations: You will handle day-to-day communications and submissions to authorities (ADAE, EETT). Note: Ultimate regulatory accountability remains with the CISO, but you will ensure we are organized, timely, and compliant.
Policy & Documentation: Draft and maintain internal Information Security & Data Protection policies, the Policy for Assurance of Secrecy of Postal Services and other required ISMS documentation. You will work with the SRE teams to ensure these policies are practical, not just theoretical.
Collaboration with DPO: Work closely with our specialized DPO team to align data privacy efforts with security controls, policies and procedures, in particular with regard to marketplace and courier service privacy regulations.
Incident Response: Be a primary point of contact for Incident Response procedures and ensure IR Plans are drafted, maintained, improved upon and executed as necessary, coordinating IR activities as needed with relevant stakeholders.
ISO 27001 Prep: Lead the groundwork for future ISO 27001 certification. You will perform gap analyses and coordinate with engineering teams to close those gaps.
Audit Facilitation: Act as the primary coordinator during external audits. You will prepare the evidence, schedule the sessions, and assist the CISO in demonstrating compliance.
Risk Management: Maintain and assist in updating the Skroutz risk register. Perform internal and third-party risk assessments and audits to align with group risk appetite and risk management frameworks.
Requirements
Experience: 3+ years in Information Security Governance, Risk Management, or Compliance.
Regulatory Fluency: Ability to interpret Greek regulations (FEK, ADAE guidelines) and translate them into actionable tasks for technical teams.
Framework Knowledge: Familiarity with ISO/IEC 27001. Experience implementing or maintaining an ISMS is highly valued.
Collaborative Mindset: Be an enabler and a business driver. You can explain why a control is needed to an engineer without blocking their workflow while finding alternatives to achieve compliance.
Communication: Excellent command of Greek and English. You will draft formal documents for Greek authorities and technical reports in English.
*Nice to Have*
*Experience in a regulated sector (Telecoms, Logistics, Banking) or familiarity with ADAE/EETT specificities.*
*Technical background (IT, Admin, or Engineering) that helps you understand the infrastructure you are protecting.*
*Certifications: CISA, CISM, CRISC, or ISO 27001 Lead Auditor/Implementer.*
Benefits
A great opportunity to contribute to the evolution of Skroutz towards becoming one of Europe’s fastest growing Marketplaces
Thrive in an environment that champions ambitious goals, empowers autonomy, fosters mentoring, and unlocks exciting opportunities for both personal and business growth
Competitive full-time salary
Ongoing training and development
Access to books, online courses, and relevant resources
Top-of-the-line tools and equipment
Private Medical Plan
Hybrid Working
Free gym membership at Golden Gym in Athens, plus OAKA cross training & running courses, Padel and online yoga
For all new Skroutz fathers we offer 30 working days of paternity leave (1.5 months in total)
Monthly childcare allowance for all Skroutz Parents
When at the office, we offer free food catering (breakfast & lunch)