Governance Risk and Compliance Expert (GRC)

TL;DR

Governance Risk and Compliance Expert (GRC): Ensuring IT operations comply with data privacy and protection standards with an accent on EU regulations and GDPR. Focus on conducting privacy impact assessments, designing compliance testing activities, and managing technical arrangements for personal data protection.

Location: Remote (Poland)

Company

hirify.global is the ICT arm of the Qualco Group, providing comprehensive solutions across AI, Digital Engineering, Cloud, and Cybersecurity.

What you will do

• Ensure compliance of IT operations with data privacy and protection standards, laws, and regulations.
• Design, implement, and audit compliance testing activities to identify and resolve gaps.
• Conduct privacy impact assessments (DPIAs) and review records of processing activity (RoPAs).
• Provide legal advice and guidance on personal data processing and protection standards.
• Develop, maintain, and train staff on data privacy policies and procedures.
• Manage legal aspects of information security and third-party relations.

Requirements

• Master's degree and minimum 5 years of IT professional experience.
• At least 5 years of personal data protection compliance experience in an ICT or EU institutional environment.
• Hands-on experience preparing and reviewing RoPAs, DPIAs, DPA, and TIA documentation.
• Experience analyzing technical arrangements, including access rights, logs, SIEM, and data flows.
• English: C2 (Native or near-native) required.
• At least 3 certifications among CISA, CISM, GSNA, GCCC, ISO 27001, ISO 27005, CAP, CRISC, or CISSP-ISSMP.

Culture & Benefits

• Full remote work opportunity.
• Inclusive culture that promotes and retains talent based on ability and behavior.
• Strict adherence to EU GDPR for all recruitment data processing.