Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Omilia - Conversational Intelligence

GRC Manager

Omilia - Conversational Intelligence

GRC Manager managing compliance with ISO 27001, SOC 2, and related frameworks at Omilia. Operating end-to-end compliance for enterprise clients in regulated industries.

Posted 7/7/2026full-timeRemote • 🇬🇷 GreeceMid-LevelSeniorWebsite

About the role

Key responsibilities & impact
  • Own the full lifecycle of ISO 27001, SOC 2 Type II, C5, PCI-DSS, and Cyber Essentials certifications: scoping, evidence library, audit coordination, management responses, and remediation tracking.
  • Own the GDPR operational compliance framework: DPIA process, LIA and TIA governance, RoPA maintenance, breach response documentation, and cross-border transfer mechanisms in collaboration with the DPO.
  • Maintain active compliance frameworks for DORA, NIS2, HIPAA, CCPA/CPRA, and the EU Data Act, maintaining current obligation tracking and client assurance artefacts.
  • Own breach and incident response governance end to end: process, regulatory notification decision support, Art. 33/34 documentation, and the regulatory notification register.
  • Drive control owner accountability without direct authority: translate regulatory obligation into business consequence, manage evidence deadlines, escalate where necessary.
  • Manage the ISMS evidence library, own the certification body relationship for ISO 27001 and C5.
  • Coordinate SOC 2 Type II readiness: TSC scoping, evidence collection, auditor engagement, report distribution, and management response drafting.
  • Maintain the RoPA, conduct DPIAs and LIAs, and manage data subject rights governance under GDPR.
  • Track and implement obligations under DORA, NIS2, HIPAA, CCPA/CPRA, EU Data Act, and Cyber Resilience Act as live regulatory requirements, not awareness items.
  • Coordinate BAA execution and PHI obligation documentation with Legal for healthcare accounts.
  • Run the compliance deliverable tracker; close loops on evidence collection without being managed.
  • Translate regulatory obligations into plain-language business impact and secure timely responses from technical and product stakeholders who do not report to this role.
  • Manage the end-to-end coordination of client compliance audits: evidence packs, management responses, findings remediation.
  • Maintain and administer the GRC automation platform, including uploading evidence and monitoring control status.

Requirements

What you’ll need
  • 4 to 8 years in the GRC field, with the majority in regulated B2B technology or SaaS environments.
  • ISO 27001 Lead Auditor or Lead Implementer credential (mandatory).
  • Demonstrated end-to-end SOC 2 Type II ownership: scoping, evidence coordination, auditor management, and management response, not just participation.
  • GDPR practitioner depth: DPIA, RoPA, data subject rights, cross-border transfer mechanisms (SCCs, BCRs). Not a legal role, but Regulation-level fluency is required.
  • Active working knowledge of DORA and NIS2 as live compliance obligations; familiarity with HIPAA BAA coordination and US state privacy law tracking (CCPA/CPRA) is a strong advantage.
  • Experience with a GRC automation platform at an operational level, not just as a user.
  • Soft and Behavioural Skills
  • Runs a personal compliance tracker, closes loops independently, and does not require follow-up to meet deadlines.
  • Translates regulatory obligation into business consequence in plain language and drives timely response from technical teams and product stakeholders without formal authority.
  • Treats business pushback as the beginning of a process, not the end: documents, escalates, and tracks to resolution.
  • Comfortable being the compliance practitioner in the room during an audit: composed, prepared, and accountable for management responses.
  • Operates with minimal supervision in a small, high-output team where there is no large department to absorb operational errors or deadline slippage.

Benefits

Comp & perks
  • Fixed compensation;
  • Long-term employment with the working days vacation;
  • Development in professional growth (courses, training, etc);
  • Being part of successful cutting-edge technology products that are making a global impact in the service industry;
  • Proficient and fun-to-work-with colleagues;
  • Apple gear.

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
ISO 27001 ManagementSOC 2 Type II CoordinationGDPR ComplianceDPIA Process ManagementRoPA MaintenanceBreach Response DocumentationRegulatory Notification ManagementEvidence CollectionAudit CoordinationClient Compliance Audits
Soft Skills
Independent Deadline ManagementEffective CommunicationProblem-SolvingComposure Under PressureStakeholder Engagement
Certifications
ISO 27001 Lead AuditorISO 27001 Lead Implementer