XTEL

Governance Risk & Compliance Analyst

full-time

Location Type: Hybrid

Location: Bologna, Italy

About the role

  • Support the ongoing operation and improvement of XTEL’s ISMS
  • Draft, review, and maintain security & compliance policies, standards, and procedures
  • Manage internal and external audits (ISO 27001, SOC 2)
  • Help monitor compliance obligations across frameworks including ISO 27001, SOC 2, SOC 1/ISAE 3402, GDPR, and NIS2
  • Assist with risk assessments and treatment plans
  • Contribute to Third Party Risk Management (TPRM) efforts
  • Assist with client security questionnaires, RFPs, and due diligence requests
  • Support ESG initiatives by collecting, analyzing, and reporting on sustainability metrics
  • Assist in responding to customer RFPs and inquiries related to ESG

Requirements

  • 2-5 years of experience in security, compliance, or risk management roles, particularly in cloud-based SaaS environments
  • Hands-on experience with ISO 27001 and SOC 2
  • Comfortable working on multiple concurrent projects
  • Organized, self-directed, and able to thrive in ownership environments
  • Experience using GRC platforms such as Drata, Vanta, Secureframe, etc. (nice to have)
  • Experience within Microsoft 365 and Azure environments (nice to have)
  • Experience with automation, low-code tools, or scripting to improve workflows and documentation processes (nice to have)

Benefits

  • Hybrid or full remote working set-up (Technology center in Casalecchio di Reno, Bologna, Italy)
  • Flexible working hours
  • Competitive Salary Package and Bonus scheme
  • A challenging role in a fast-growing AI-driven company
  • A diverse and international team with strong ownership and a can-do mentality
  • Opportunities to contribute meaningfully to the organization’s growth and development

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • ISO 27001
  • SOC 2
  • risk management
  • compliance
  • security policies
  • risk assessments
  • Third Party Risk Management
  • automation
  • low-code tools
  • scripting

Soft Skills

  • organized
  • self-directed
  • ownership
  • multi-project management