
Governance Risk & Compliance Analyst
Posted May 30

This is a fully remote position, open to applicants in Italy.
• Support the continuous operation and enhancement of XTEL’s Information Security Management System (ISMS).
• Draft, review, and maintain policies, standards, and procedures related to security and compliance.
• Oversee internal and external audits, including ISO 27001 and SOC 2.
• Assist in monitoring compliance obligations across various frameworks.
• Participate in risk assessments and develop treatment plans.
• Contribute to our Third Party Risk Management (TPRM) initiatives.
• Aid in responding to client security questionnaires, Requests for Proposals (RFPs), and due diligence inquiries.
• Support Environmental, Social, and Governance (ESG) initiatives by gathering, analyzing, and reporting sustainability metrics.
• Help respond to customer RFPs and inquiries related to ESG matters.
• Collaborate with stakeholders from IT, Product, Engineering, HR, and other departments to implement security controls.
• Continuously seek opportunities to automate, streamline, and modernize compliance and security operations management.
• Contribute to incident response as well as Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) activities.
• 2-5 years of experience in security, compliance, or risk management roles, especially in cloud-based SaaS environments.
• Practical experience with ISO 27001 and SOC 2, with a preference for candidates who have directly managed these audits.
• Ability to manage multiple concurrent projects effectively.
• View Governance, Risk, and Compliance (GRC) as more than just documentation and spreadsheets.
• Experience in supporting or managing ISMS operations and understanding the practical application of policies and procedures.
• Involvement in or support of risk assessment processes.
• Highly organized and self-motivated, thriving in environments that enable ownership.
• Nice to have: Experience with GRC platforms such as Drata, Vanta, Secureframe, etc.
• Familiarity with Microsoft 365 and Azure environments.
• Experience in automation, low-code tools, or scripting to enhance workflows and documentation processes.
• Hybrid or fully remote working arrangement (Technology center located in Casalecchio di Reno, Bologna, Italy).
• Flexible working hours.
• Competitive salary package along with a bonus scheme.
• A challenging position in a rapidly growing AI-driven company.
• A diverse and international team with a strong sense of ownership and a proactive attitude.
• Opportunities to make meaningful contributions to the organization’s growth and development.