Governance Risk & Compliance Analyst

Job Description

Support the ongoing operation and enhancement of XTEL’s Information Security Management System (ISMS). Develop, revise, and maintain security and compliance policies, standards, and procedures. Oversee internal and external audits like ISO 27001 and SOC 2. Monitor compliance obligations across various frameworks. Participate in risk assessments and develop treatment plans. Contribute to Third-Party Risk Management (TPRM) initiatives. Assist with client security questionnaires, RFPs, and due diligence requests. Support ESG initiatives by gathering, analyzing, and reporting sustainability metrics. Help in responding to customer RFPs and inquiries related to ESG. Collaborate with stakeholders in IT, Product, Engineering, and HR to implement security controls. Continuously seek opportunities to automate, streamline, and modernize compliance and security operations. Contribute to incident response and Business Continuity Planning/Disaster Recovery Planning (BCP/DRP) and testing.

Qualifications

1. 2-5 years of experience in security, compliance, or risk management roles, specifically in cloud-based SaaS environments. 2. Practical experience with ISO 27001 and SOC 2, preferably with direct management of such audits. 3. Comfortable managing multiple concurrent projects. 4. Understand GRC as more than just documentation and spreadsheets. 5. Supported or managed ISMS operations and understand the value of policies and procedures. 6. Participated in or supported risk assessments. 7. Organized, self-directed, and thrive in environments that encourage ownership. 8. Nice to have: Experience with GRC platforms like Drata, Vanta, Secureframe, etc. 9. Experience within Microsoft 365 and Azure environments. 10. Experience with automation, low-code tools, or scripting to enhance workflows and documentation.

Benefits

- Hybrid or fully remote working setup (Technology center in Casalecchio di Reno, Bologna, Italy). - Flexible working hours. - Competitive salary package and bonus scheme. - A challenging role in a fast-growing, AI-driven company. - A diverse and international team that values ownership and a proactive attitude. - Opportunities for significant contributions to the organization’s growth and evolution.