Job Description

Job Scope:

We are seeking a skilled

Governance, Risk and Security Compliance Specialist

to ensure our organization's compliance with regulatory requirements, industry standards, and internal security policies. The candidate will be responsible for designing, implementing, and maintaining compliance frameworks while supporting security awareness across the company.

Key Responsibilities:

1. Regulatory & Framework Compliance

Lead and maintain compliance with

DORA (Digital Operational Resilience Act)

, ensuring IT and operational resilience measures meet regulatory requirements. Ensure compliance with

VARA (Virtual Assets Regulatory Authority)

frameworks for virtual asset and digital financial services. Drive compliance initiatives for

GDPR

, including data protection impact assessments, data handling practices, and privacy-by-design principles. Manage and maintain

ISO 27001

Information Security Management System (ISMS), including documentation, risk assessments, and internal/external audit preparations.

2.Security Awareness

Develop, deliver, and track security awareness programs to build a security-first culture. Conduct phishing simulations, training sessions, and employee awareness campaigns to ensure strong adoption of best practices.

3.Audit & Risk Management

Coordinate with auditors and regulators for compliance reviews and assessments. Identify and mitigate compliance gaps, security risks, and process weaknesses. Maintain up-to-date knowledge of evolving regulations and ensure timely implementation of new requirements

4.Collaboration & Advisory

Work closely with IT, Legal, Risk, and Business teams to embed compliance requirements into processes and systems. Provide guidance on secure and compliant business practices for new projects and technologies. Supporting external audits including ISMS audits

Requirements:

Bachelor's degree in Information Security, Computer Science, or related field. Proven experience in

regulatory compliance (DORA, GDPR, VARA) and ISO 27001 management.

Strong understanding of information security frameworks and risk management practices. Experience in designing and conducting security awareness programs. Excellent communication, documentation, and stakeholder management skills. Professional certifications such as

CISM, CISSP, ISO 27001 Lead Implementer/Auditor, or CISA

are a plus
Job Type: Full-time

Pay: $6,000.00 - $7,000.00 per month

Benefits:

Dental insurance Health insurance
Work Location: In person