Operational Governance, Risk management, and Compliance (GRC) Officer

modulus is a trusted telecom provider from 2012, that empowers businesses with seamless, boundary-free communication through our advanced network infrastructure. As tech experts, we listen to and understand our clients' needs, crafting innovative solutions that both connect and significantly enhance their business operations worldwide.

We seek a skilled or adaptable professional to aid in the implementation, operation and continuous evolution of an Integrated Management System, aiming to streamline our operations in terms of Operational Governance, Risk management, and Compliance.

Responsibilities:

• Lead our Operational Governance, Risk, and Compliance (GRC) operations to achieve and maintain adherence to numerous compliance requirements around the following domains, under a unified Integrated Management System:
  - Quality assurance (ISO 9001)
  - Information Security (ISO 27001)
  - Business Continuity (ISO 22301)
  - Privacy Information Management (ISO 27701) / GDPR
• Monitor the regulatory and legal frameworks for changes, and help implement any changes in said IMS. Example authorities with oversight over such frameworks include:
  - The Hellenic Authority for Communication Security and Privacy (ΑΔΑΕ)
  - The Hellenic Data Protection Authority (ΑΠΔΠΧ)
  - The Hellenic Telecommunications and Post Commission (ΕΕΤΤ)
• Supervise the process of drafting policies and processes, identify any deviations, and undertake necessary action to rectify them.
• Perform internal audits on operational compliance with requirements set in the integrated management system, aid in preparing for external audits by organizing documentation, conducting preliminary reviews, and addressing any identified gaps.
• Examine and approve requests for updating policies and processes in collaboration with the responsible departments within the IT Division.
• Take over as a facilitator in the process of informing and training the organization's IT personnel on IT governance and compliance matters by providing executive sponsorship to enhance the effective adoption of policies, processes and systems.
• Prepare and present reports/metrics to assess the efficiency of procedures in effect, identifying areas of concern.
• Approve and supervise the implementation and operation of new IT Governance Functions and improve existing ones where shortcomings are identified.
• Initiate any periodic processes (such as risk assessments, audits, other controls) required, and ensure their timely completion by all involved parties.
• Collaborate with various departments, such as legal, finance, IT, and human resources, to ensure alignment on compliance objectives and initiatives.
• Help to identify and deploy software tools which can help document, implement, manage and automate the lifecycle of the IMS.
• Monitor emerging trends in GRC and help inform decision-making and continuous development.
• Interface with external consultants to request their input as needed in any of the responsibilities above.

Benefits:

• A pleasant and friendly environment with great office amenities and an open space philosophy
• Private health and medical insurance coverage plan for you and your family
• Meal vouchers via Ticket Restaurant e-card
• Access to an online self-improvement and mental health platform
• Collaboration with experienced colleagues who are willing to help you expand your knowledge and develop your skills
• Opportunity to be part of an innovative tech company working on cutting-edge technologies, with significant room for experimentation and research
• Excellent opportunities for career growth in our rapidly growing company

Must have:

• 1+ year of experience in any of the following areas:
  - Management Systems design and implementation in the Tech sector
  - Project/Operations Management in the Electronic Communications industry
  - GRC management
  - Auditor in the context of Management Systems
  - Information Security Officer or Data Protection Officer
• Knowledge of/experience with GDPR, the privacy of communications framework, and other similar legislation
• Strong verbal and written communication skills in Greek and English
• Experience in creating and updating company policy, procedures, and controls
• Familiarity with change management processes

• Basic knowledge of a diagram-editing software, such as draw-io
• Having been involved in the development or implementation of an Integrated Management System
• Having had a role in compliance at an entity operating in the electronic communications sector
• Any experience with other security frameworks such as NIST or PCI DSS