GRC Analyst

2 months, 1 week ago
Full-time
Junior
Cybersecurity
Flip App

Flip App

Flip is the employee app reshaping workplace communication by empowering every employee with a digital workspace for effective communication and workflow management.

Internet Software & Services
51-250
Founded 2018

Description

  • Own the day-to-day administration and continuous improvement of the ISMS, TISAX assessments, SOC 2 Type II controls, and Cyber Essentials Plus recertification.
  • Coordinate internal and external audits end to end, including evidence collection, packaging, presentation, auditor walkthroughs, and remediation follow-up.
  • Act as the liaison between security/control owners in Engineering and HR and translate compliance requirements into actionable workflow tasks.
  • Maintain the risk register, coordinate quarterly risk reviews, and track treatment plans to completion.
  • Draft, version-control, and maintain a large policy set across the compliance program.
  • Support data privacy operations, including RoPA, DPAs, and Data Subject Requests under GDPR.
  • Plan and deliver security awareness training and phishing simulations.
  • Maintain and update Trust Centre content for client-facing security and compliance communications.

Requirements

  • 2–4 years of experience in a GRC or Information Security role.
  • Strong hands-on experience with ISO 27001 and at least one additional framework such as TISAX, SOC 2, or Cyber Essentials Plus.
  • Experience managing a substantial policy lifecycle, including 50+ policies, and maintaining risk registers and treatment plans.
  • Solid understanding of how SaaS companies operate and the ability to translate compliance needs for engineering and product teams.
  • Excellent communication skills in both English and German (business fluent).
  • Background in B2B SaaS or tech start-up environments with approximately 100–300 employees (preferred).
  • Familiarity with GRC tooling, audit management platforms, or compliance automation tools (preferred).
  • Experience working directly alongside engineering teams (preferred).

Benefits

  • Remote-first work with flexibility to work from home.
  • Occasional in-person collaboration in the Berlin or Stuttgart offices with advance notice.
  • Company-covered E-Gym-Wellpass membership.
  • Job bike leasing.
  • Regular team events and culture days.
  • Opportunity to work abroad within the European Union.
  • Relaxed working atmosphere with a motivated team.

