Senior IT Compliance Manager

Summary

Join GROPYUS, a company revolutionizing sustainable and affordable building through modular construction, as a Senior IT Compliance Manager. You will be responsible for ensuring IT systems and processes comply with regulations and internal policies. This involves developing and implementing compliance programs, conducting risk assessments, and providing compliance guidance. A strong technical background in software development and cloud technologies is essential. The role also includes internal and external audit coordination, employee training, and reporting to senior management. GROPYUS offers a flexible work environment, focusing on results and employee ownership.

Requirements

• In-depth understanding of compliance frameworks such as ISO 27001, NIST 800 and good to know other frameworks and regulations also like BSI 200, NIS2, etc
• Proficiency in Information security and IT systems to understand the technical designs of systems
• Experience with cloud platforms such as AWS, Azure, or Google Cloud, including knowledge of cloud security and compliance best practices
• Strong skills in risk assessment, control frameworks, and process improvement models
• Experience with compliance and audit tools, such as GRC (Governance, Risk, and Compliance) software
• Relevant certifications such as ISO/IEC 27001, CISA, CISM or similar
• Ability to analyze complex IT processes and identify compliance risks and improvement opportunities
• Excellent written and verbal communication skills to articulate compliance requirements and findings to both technical and non-technical audiences
• Bachelor’s or Master’s degree in Information Systems,Business Administration, or a related field
• Minimum of 4-8 years of experience in IT compliance, with a focus on managing compliance programs and conducting audits

Responsibilities

• Create and manage IT, Information security and Business continuity compliance programs to ensure adherence to regulatory requirements such as GDPR and other applicable laws and regulations
• Conduct regular risk assessments and develop mitigation strategies to address identified risks
• Draft, modify, and implement IT policies and IT relevant processes and procedures to ensure compliance with legal and regulatory standards
• Coordinate and conduct internal audits to monitor compliance with IT policies and procedures. Act as the primary point of contact for external audits
• Develop and deliver training programs to educate employees on IT compliance requirements and best practices
• Prepare and present compliance reports to senior management and regulatory bodies as required
• Work closely with IT, legal, and business teams to ensure compliance requirements are integrated into business processes and IT systems
• Oversee compliance for cloud-based systems and services, ensuring that cloud deployments adhere to regulatory requirements and internal policies
• Conduct IT Risk assessments for business teams and closely follow up of risk mitigations

Preferred Qualifications

Professional certifications in compliance and IT security are highly desirable

Benefits

• You choose if you work from home, a park, or the office. Whether you start your day early, after your run, or pick up on work when your kids are in bed. What counts is your contribution and delivery
• Participate in the success of GROPYUS through stock options