Posted on June 14
Role mission
We are looking for a GRC Lead to own and scale our Governance, Risk, and Compliance function within a fast‑growing product company. This is a key role responsible for ensuring compliance with SOX, ISO 27001, and GDPR, while enabling the business to move fast in a secure and controlled way.

You will act as the main driver of our compliance strategy, working cross‑functionally with Engineering, Security, Legal, Finance, and Product teams.

What you will do
- Own and lead the company’s GRC strategy across SOX, ISO 27001, and GDPR
- Design, implement, and maintain SOX control frameworks, including documentation, testing, and audit readiness
- Build and manage the Information Security Management System (ISMS) aligned with ISO 27001
- Ensure GDPR compliance across all data processing activities, including data mapping, DPIAs, and privacy controls
- Lead internal and external audits, acting as the primary point of contact for auditors
- Identify compliance gaps and drive remediation plans with technical and non‑technical teams
- Develop governance policies, procedures, and risk management frameworks
- Partner closely with Engineering and Security teams to embed controls into systems and SDLC processes
- Monitor regulatory and compliance changes and translate them into actionable requirements

Requirements
- 8+ years of experience in GRC, Risk, Compliance, or IT Audit roles
- Strong hands‑on experience with SOX compliance programs (design, testing, audit coordination)
- Solid knowledge of ISO 27001 and experience managing or supporting ISMS implementation
- Practical experience with GDPR in a product or corporate environment
- Experience working with internal and external auditors
- Strong stakeholder management and communication skills across technical and non‑technical teams
- Ability to translate regulatory requirements into scalable business processes
- Fluent English

Nice to have
- Experience in SaaS or product‑led companies
- Experience in Big 4 (Deloitte, EY, PwC, KPMG) or similar audit environments
- Familiarity with cloud environments (AWS, GCP, Azure)
- Security certifications (CISA, CISM, ISO 27001 Lead Implementer/Auditor)