Responsibilities:
- Maintain and evolve ROOTKey's compliance framework across DORA, NIS2 and GDPR for European clients
- Lead SOC2 and ISO27001 certification and audit processes to meet US and enterprise buyer requirements
- Partner with Sales to support due diligence, security questionnaires, and RFPs across EU, MENA and US deals
- Work with Engineering to translate regulatory and certification requirements into product and infrastructure controls
- Monitor the evolving regulatory landscape across ROOTKey's target markets and advise leadership accordingly
- Own internal policies, training, and audit-readiness documentation

Requirements:
- 3-5+ years of experience in compliance, GRC, or information security within a regulated or B2B SaaS environment
- Hands-on experience with DORA, NIS2, and/or GDPR
- Experience leading or supporting SOC2 and/or ISO27001 certification processes
- Ability to translate regulatory language into clear, actionable guidance for Sales, Product and Engineering
- Comfortable operating in a fast-moving, cross-border scaleup environment

Additional information:
- ROOTKey is a startup/scaleup - you'll build the compliance function, not just maintain one
- Hardware and home-office budget
- 10 flexible remote working days per month, to use as you see fit
- A paid day off on your birthday

Why ROOTKey
You will build on infrastructure that already runs with a 99.9% availability SLA and a recovery window of under 4 hours, which regulated organizations rely on to make their compliance evidence defensible. The mission is easy to state and hard to execute: make trust verifiable, not implicit.