Responsibilities:
- Maintain and evolve ROOTKey's compliance framework across DORA, NIS2 and GDPR for European clients
- Lead SOC2 and ISO27001 certification and audit processes to meet US and enterprise buyer requirements
- Partner with Sales to support due diligence, security questionnaires, and RFPs across EU, MENA and US deals
- Work with Engineering to translate regulatory and certification requirements into product and infrastructure controls
- Monitor the evolving regulatory landscape across ROOTKey's target markets and advise leadership accordingly
- Own internal policies, training, and audit-readiness documentation
Qualifications:
- 3-5+ years of experience in compliance, GRC, or information security within a regulated or B2B SaaS environment
- Hands-on experience with DORA, NIS2, and/or GDPR
- Experience leading or supporting SOC2 and/or ISO27001 certification processes
- Ability to translate regulatory language into clear, actionable guidance for Sales, Product and Engineering
- Comfortable operating in a fast-moving, cross-border scaleup environment
Additional Information:
- ROOTKey is a startup/scaleup - you'll build the compliance function, not just maintain one
- Hardware and home-office budget
- 10 flexible remote working days per month, to use as you see fit
- A paid day off on your birthday
Why ROOTKey
You will build on an infrastructure that already operates with a 99.9% availability SLA and a recovery window of under 4 hours, which regulated organizations rely on to make their compliance evidence defensible. The mission is simple to state and hard to execute: make trust verifiable, not implied.