Senior Risk & Compliance Officer

Sofia/Plovdiv

Reward Gateway

Boost engagement by simplifying and uniting employee recognition, rewards, communications and more in one easy-to-use employee engagement platform.


Application Deadline: 3 March 2025

Department: Security

Employment Type: Full Time

Location: Sofia/Plovdiv

Reporting To: Head of Governance, Risk & Compliance

Compensation: лв.63,000 - лв.69,000 / year


Description

Reward Gateway, together with Edenred, is a global market leader in benefits and employee engagement. We help our clients and their leaders to transform employee experience that will attract, engage, and retain top talent through employee benefits, strategic reward and recognition, well-being, and much more.

An opportunity has become available for a Senior Risk & Compliance Officer to support our Governance, Risk & Compliance, and Information Security operations and be part of a growing business. 

At Reward Gateway we already understand that Compliance and Security are paramount to our success and that’s reflected in the culture. Our Leadership Team is fully committed to Compliance and Information Security and you won’t have to spend your time convincing stakeholders to care - you’ll be empowered to get on with improving the company.

We have a longstanding ISO 27001 and PCI DSS programme, along with SOC 2 Type II and Cyber Essentials Plus compliance. As of 2024, we are also certified in ISO 9001, 14001, and 22301. These standards structure everything we do and enable our business to grow by providing a high level of assurance to our customers.

Some of Your Responsibilities & Core Duties will be:

  • Support our control framework covering current ISO certifications, SOC 2 Type II, PCI DSS, and Cyber Essentials Plus, and engage in the implementation of future ones (e.g. CRA and/or NIS 2).
  • Ensure ISO readiness/compliance by conducting periodic internal audits and hosting ISO registrar audits, Deloitte Information Security audits, and Cyber Essentials Plus certifications.
  • Conduct independent analysis, documentation, and remediation actions for detected audit observations via the company's Non-conformance process.
    • Ensure root cause analysis is properly identified and corrective/preventative actions are put in place promptly by the respective process owners.
    • Verify implementation and effectiveness of the corrective/preventative actions.
  • Act as a subject matter expert, supporting and mentoring junior team members in compliance, audit processes, and non-conformance management.
  • Support the Head of GRC and process owners in developing, documenting, reviewing, and communicating company processes and procedures to incorporate best practices in Quality Management and Information Security Management.
  • Manage and enhance the compliance automation platform to streamline compliance activities.
  • Support the Head of GRC and Risk Owners with the risk management process.

The Experience and Key Skills you will have:

  • At least 3 years of experience in Compliance or Internal Audit within a multinational organization.
  • Strong experience in performing internal audits and leading external audits for at least one compliance framework (e.g., ISO 27001, ISO 9001, ISO 22301, SOC 2 Type II, PCI DSS). You’re not expected to have expertise in all these frameworks, and if you’re unsure, please apply.
  • Deep understanding of information security concepts, internal audit, and regulatory compliance.
  • Previous exposure to cloud technologies and cloud security.
  • Strong document management skills, including experience with Good Documentation Practices and policy/procedure reviews.
  • Excellent English communication skills, with the ability to effectively engage with stakeholders across different levels and geographical locations.
  • Comfortable managing multiple projects and working across diverse compliance initiatives.
  • A risk-based approach to problem-solving and decision-making.

The Interview Process:

  • A screening interview with the Senior Talent Partner.
  • Interview with the Head of Governance Risk & Compliance and the Risk & Compliance Analyst.
  • Final stage interview with the Director of Information Security and the Head of Governance Risk & Compliance.

Be comfortable. Be you. At Reward Gateway, we want all of our employees to feel comfortable bringing their passion, creativity and individuality to work. We value all cultures, backgrounds and experiences, as we truly believe that diversity drives innovation. Express yourself, join our community and help us Make the World a Better Place to Work.

We hire BETTER. From perks to people, our BETTER approach to hiring earns us more trust, happier people and more world-class talent that help us to make the world a better place to work. Find out more about Reward Gateway's approach to benefits, equality, talent, technology, empathy and what you’ll get in return for joining our Mission at rg.co/lifeatrg.
Category: Compliance Jobs

Tags: Audits Automation Cloud Compliance Governance ISO 22301 ISO 27001 PCI DSS Risk management SOC SOC 2

Perks/benefits: Career development

Region: Europe
Country: Bulgaria
