Risk & Compliance Manager
Vilnius, Vilniaus apskr., Lithuania
Devoteam
Transform your business with Devoteam, the AI-driven tech consulting. Become a leading company embracing AI for sustainable value.
Additional Information
Are you ready to elevate your career within one of Europe's leading IT companies? Devoteam is on the lookout for a talented and proactive Risk & Compliance Manager to join our growing team. If you're passionate about securing digital landscapes and driving impactful change, we want to hear from you!
Job Highlights:
- Joining more than 10.000 talented colleagues around Europe
- International career opportunity with diverse challenges
- A vibrant and supportive work environment in our modern Vilnius and Kaunas offices
Your Highlights?
- You're a true owner: You take full responsibility and drive projects and tasks to successful completion.
- You're a person of integrity: Honesty, responsibility, and accountability are fundamental to how you work.
- You're a continuous learner: You actively seek opportunities to grow your soft and hard skills, always pushing beyond your comfort zone.
- You're a team player: You genuinely enjoy collaborating and are always ready to support your colleagues.
- You're a hands-on driver: Organized and proactive, you're a self-starter who takes the initiative to get things done and solve problems.
Still with us? Then we might have a fantastic job opportunity for you!
OUR NEW RISK & COMPLIANCE MANAGER
We're looking for a proactive and experienced Risk & Compliance Manager to join our team, reporting directly to the CISO. In this crucial role, you'll be developing, implementing, and maturing our risk and compliance programs, ensuring we meet industry standards and regulatory requirements. You'll lead certification efforts, enhance our risk management framework, and maintain a robust governance structure, all while translating complex technical concepts into clear business insights.
SOME OF YOUR RESPONSIBILITIES:
- Manage end-to-end certification processes for various standards (e.g., ISO 27001, SOC2, Managed Service Provider (MSP)), from initial scoping to successful audit completion and certification delivery.
- Design, implement, and continuously improve a comprehensive risk management framework, including risk assessment methodologies, treatment plans, and ongoing monitoring.
- Build and maintain a robust governance structure, including the creation and review of policies, control assessments, definition of Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs), audit oversight, and regular reporting to stakeholders.
- Act as the primary point of contact for internal and external audits, coordinating responses, tracking findings, and ensuring timely remediation of identified gaps to maintain continuous compliance.
- Effectively utilize and manage Governance, Risk, and Compliance (GRC) tools such as OneTrust, RSA Archer, or ServiceNow to streamline processes and reporting.
- Collaborate closely with executives, the CISO, and cross-functional teams to communicate risk posture, audit findings, and compliance metrics, reinforcing a culture of security and trust.
- Contribute to and potentially lead aspects of third-party risk management, including vendor assessments and customer trust initiatives.
SOME OF OUR REQUIREMENTS:
- 3+ years of progressive experience in risk management, compliance, or governance roles, preferably within the technology sector or other highly regulated industries.
- Proven track record of successfully managing and delivering complex certification efforts (e.g., ISO 27001, SOC2).
- Strong background in various risk assessment methodologies and practical experience in building and executing effective risk treatment plans.
- Demonstrated experience in managing and optimizing GRC tools.
- Excellent verbal and written English communication skills, with the ability to translate intricate technical risks into clear, actionable business terms for diverse audiences, including senior leadership.
- Strong organizational and project management skills, capable of managing multiple assurance streams, certification programs, and governance rollouts simultaneously.
It would be awesome if you have:
- Professional certifications such as CISM, CRISC, or other relevant security and risk management credentials.
- Familiarity with standards and frameworks: ISO 27001, NIST 800‑53/CSF, SOC2.
WHAT YOU CAN LOOK FORWARD TO:
- Becoming a part of a very specialized team that will support your ability to succeed
- A challenging and exciting career with an international perspective and opportunities
- Attractive compensation package with a mix of fixed and variable
- A high level of trust and competency to make your own decisions
- A warm and talented culture with a focus on business, but knowing that family always comes first
- Access to an international network of specialists within the organization to build your rep and skills
- Salary from 3200 EUR gross (depending on the experience and competencies)
At Devoteam, we have created a culture of honesty and transparency, inclusion, and cooperation, which we value a lot. We are looking for colleagues who are highly motivated and proactive, not afraid of challenges. We are highly invested in the career path development of our employees, and we offer and support possibilities for further training, certification, and specialization.
Tags: Audits CISM CISO Compliance CRISC Governance ISO 27001 KPIs Monitoring NIST Risk assessment Risk management RMF RSA SOC 2
Perks/benefits: Career development