Senior GRC Analyst

Nasze wymagania: 3+ years of experience delivering compliance services in a corporate environment focused on IT General Controls (ITGC), SOC 2, ISO 27001, PCI DSS, and EU NIS2. Profound knowledge of data privacy directives including GDPR and CCPA/CPRA. Proven ability to interpret complex compliance regulations and map them to specific system implementations and security frameworks. Experience supporting third-party risk management programs and data privacy operations. Expertise in developing and executing security awareness initiatives and technical training modules. Strong organizational skills with the ability to provide services independently in a high-growth environment. Prior experience providing services within SaaS environments, specifically involving Cloud and AWS infrastructure. Industry certifications such as CISA, CISM, or CISSP are highly regarded. Zakres obowiązków: Lead end-to-end compliance readiness for NIS2 and provide alignment services across key frameworks including PCI DSS, CSRD, ISO/SOC, and the EU AI Act. Plan and execute internal control assessments and coordinate external compliance audits on a defined cadence. Translate regulatory requirements into practical controls and drive cross-functional implementation across international technical units. Manage remediation processes by tracking findings, evidence, and deadlines, providing regular status reports to primary stakeholders. Enhance GRC maturity through continuous monitoring, comprehensive documentation, and technical guidance for other contributors. Evaluate and validate the design and operational effectiveness of security policies, standards, and internal controls to mitigate compliance risk. Develop accurate technical reports and presentations regarding the compliance landscape for executive and technical stakeholders. Oferujemy: Global collaboration at scale: Collaborate with experienced engineers and product partners across HelloTech’s international teams, in a culture of active knowledge sharing. Technology with real-world impact: Build and operate modern systems at global scale, supporting 6+ millions of customers and complex supply chain operations. Technical/Product/Design leadership: Drive best practices and influence architecture/design, quality, and ways of working in an autonomous, product-led setup. End-to-end development/delivery: Drive decisions from problem definition to production, improving systems and enabling long-term scalability. Access to workspace at Warsaw Centre Point. The hub offers modern facilities including showers, breakout zones, outdoor space, cycle parking, and refreshments (coffee, soft drinks, and fruit).