
Posted 5 hours ago
Technology Compliance & Risk Analyst
PatriannaTechnology Compliance & Risk Analyst (GRC)
Requirements
Experience in GRC, IT audit, or vendor risk, Proficiency in vendor due diligence and security questionnaires, Knowledge of ISO 27001, ISO 31000, and GDPR, Strong written communication skills
Skills
ComplianceISO 27001GDPR
About the role
About the Company
Patrianna is a fast-scaling product development company headquartered in Gibraltar, operating at the intersection of technology and entertainment. We build innovative solutions for social gaming, delivering outstanding experiences to millions of players worldwide.
Responsibilities
- Own the full vendor risk lifecycle including due diligence, security questionnaires, risk rating, and contractual safeguards
- Maintain the supplier register and drive reassessment cadence based on criticality
- Track fourth-party dependencies and concentration risk in alignment with DORA and ISO 27001
- Support ISMS policy maintenance, control mapping, and evidence collection for audit readiness
- Execute risk assessments using ISO 31000-aligned methodology and contribute to RCSA workshops
- Support privacy operations including RoPA maintenance, DPIAs, and data subject requests
- Prepare third-party risk materials for governance committees
Requirements
- Proven track record in GRC, IT audit, vendor risk, or information security
- Practical experience running vendor due diligence and security questionnaires (SIG, CAIQ, or equivalent)
- Working knowledge of ISO/IEC 27001:2022, ISO 31000, and GDPR processor obligations
- Strong independent thinking and ability to propose control improvements
- Pragmatic compliance mindset that balances rigor with business momentum
- Precise and confident written communication skills
Preferred Qualifications
- Experience in iGaming, fintech, or other regulated sectors
- Exposure to TPRM/GRC platforms such as OneTrust, ProcessUnity, Whistic, or CISO Assistant
- Certifications such as ISO 27001 Lead Implementer/Auditor, CTPRP, CIPP/E, CISA, or CRISC
- Familiarity with SOC 2 Type II or PCI-DSS supplier scoping
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeTechnology Compliance & Risk Analyst
Patrianna · Bulgaria
