We are looking for a GRC Lead to own and scale our Governance, Risk, and Compliance function within a fast‑growing product company. This is a key role responsible for ensuring compliance with SOX, ISO 27001, and GDPR, while enabling the business to move fast in a secure and controlled way.

You will act as the main driver of our compliance strategy, working cross‑functionally with Engineering, Security, Legal, Finance, and Product teams.

What you will do

• Own and lead the company’s GRC strategy across SOX, ISO 27001, and GDPR
• Design, implement, and maintain SOX control frameworks, including documentation, testing, and audit readiness
• Build and manage the Information Security Management System (ISMS) aligned with ISO 2001
• Ensure GDPR compliance across all data processing activities, including data mapping, DPIAs, and privacy controls
• Lead internal and external audits, acting as the primary point of contact for a...