Responsibilities:
- Maintain and evolve ROOTKey's compliance framework across DORA, NIS2 and GDPR for European clients
- Lead SOC2 and ISO27001 certification and audit processes to meet US and enterprise buyer requirements
- Partner with Sales to support due diligence, security questionnaires, and RFPs across EU, MENA and US deals
- Work with Engineering to translate regulatory and certification requirements into product and infrastructure controls
- Monitor the evolving regulatory landscape across ROOTKey's target markets and advise leadership accordingly
- Own internal policies, training, and audit-readiness documentation

Requirements:
- 3-5+ years of experience in compliance, GRC, or information security within a regulated or B2B SaaS environment
- Hands-on experience with DORA, NIS2, and/or GDPR
- Experience leading or supporting SOC2 and/or ISO27001 certification processes
- Ability to translate regulatory language into clear, actionable guidance for Sales, Product and Engineering
- Comfortable operating in a fast-moving, cross-border scaleup environment

Additional information:
- ROOTKey is a startup/scaleup - you'll build the compliance function, not just maintain one
- Hardware and home-office budget
- 10 flexible remote working days per month, to use as you see fit
- A paid day off on your birthday

Why ROOTKey
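You will build products on top of infrastructure that already delivers a 99.9% uptime SLA and a recovery window of under 4 hours, the same infrastructure regulated organizations rely on to make their compliance evidence hold up under scrutiny. The mission is simple to state and hard to deliver: make trust verifiable rather than assumed.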