🛠 Tech Stack

💼 About This Role

You'll lead end-to-end compliance readiness for NIS2 and support alignment across key frameworks like PCI DSS and ISO 27001. You'll own remediation management and drive cross-functional implementation across international teams. This role offers a chance to improve GRC maturity at a fast-growing tech company.

🎯 What You'll Do

• Lead end-to-end compliance readiness for NIS2 and other frameworks.
• Plan and execute internal control assessments and coordinate external audits.
• Translate regulatory requirements into practical controls across teams.
• Own remediation management: track findings, evidence, and deadlines.
• Improve GRC maturity through monitoring, documentation, and mentoring.

📋 Requirements

• 3+ years experience in compliance (ITGC, SOC 2, ISO 27001, PCI DSS, NIS2).
• Ability to interpret regulations and map to system implementations.
• Experience with data privacy regulations (GDPR, CCPA) and third-party risk.
• Experience developing and executing security awareness programs.

✨ Nice to Have

• Industry certifications like CISA, CISM, CISSP.
• Prior experience in SaaS environment with cloud and AWS.

🎁 Benefits & Perks

• 💰 Competitive compensation with pension scheme and relocation support.
• 🥗 Discounted HelloFresh box and office meals.
• 📚 German language learning budget and HelloFresh Academy access.
• 🧘 Well-being support including Headspace and Spill subscriptions.
• 🏋️ 24/7 gym access and sabbatical leave options.

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter Screen· 30 min
2. 2Hiring Manager Interview· 45 min
3. 3Technical Assessment· 60 min