Governance, Risk, and Compliance Manager

As the Governance, Risk, and Compliance Lead, you will play a vital role in ensuring our organization operates within regulatory frameworks and complies with relevant industry standards. You will be responsible for developing and implementing policies, procedures, and controls to mitigate risks and protect sensitive information. Working closely with cross-functional teams, you will provide guidance, oversight, and strategic direction to ensure adherence to internal and external requirements.

Your Mission

- Develop and implement a comprehensive governance, risk, and compliance framework for the organization.
- Collaborate with stakeholders to establish and maintain policies, procedures, and controls aligned with applicable laws, regulations, and industry standards.
- Conduct regular risk assessments and vulnerability analyses to identify potential security gaps and recommend appropriate risk mitigation strategies.
- Coordinate and oversee compliance audits, assessments, and certifications, such as ISO 27001, SOC 2, or other relevant standards.
- Manage the day-to-day activities related to information security governance, risk management, and compliance functions.
- Provide guidance and support to cross-functional teams, ensuring they understand their roles and responsibilities in maintaining compliance.
- Monitor and prepare reports on compliance with regulatory requirements and internal policies.
- Establish and maintain relationships with external auditors, regulatory bodies, and other relevant stakeholders to facilitate compliance-related activities.

Your Story

- Bachelor's degree in Computer Science, Information Technology, Business Administration, or a related field.
- Proven experience (3+ years) in governance, risk management, and compliance roles within the information security domain.
- Strong knowledge of industry standards, regulations, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, etc.).
- Familiarity with conducting risk assessment, and third-party risk assessments.
- Experience managing compliance audits and certifications (e.g., ISO 27001, SOC 2).
- Excellent understanding of information security principles and best practices.
- Strong analytical and problem-solving skills, with the ability to assess and mitigate risks proactively.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively across teams and levels of the organization.
- Self-motivated, detail-oriented, and able to work independently with minimal supervision.

Meet The Team

You will be part of a cross-organizational IT-Team. You have a lot of freedom to be creative and experiment and to expand your professional knowledge. We encourage you to continuously improve efficiency, finding new ways of working with the team members, while at the same time enjoying work with like-minded people. We live agile values, not just talk about it.

What We Offer

On is a place that is centered around growth and progress. We offer an environment designed to give people the tools to develop holistically - to stay active, to learn, explore and innovate. Our distinctive approach combines a supportive, team-oriented atmosphere, with access to personal self-care for both physical and mental well-being, so each person is led by purpose.

On is an Equal Opportunity Employer. We are committed to creating a work environment that is fair and inclusive, where all decisions related to recruitment, advancement, and retention are free of discrimination.