Governance Risk Compliance Specialist

GRC speaclist- HANDAQ MALTA

An opportunity has risen for a GRC Specialist within our Service Excellence team.

As the GRC Specialist, you will play a crucial role in overseeing the customer satisfaction and service quality at BMIT Technologies and manage the overall ISMS and compliance programmes of the company including ISO27001, PCI DSS and SOC2.

Your main duties and responsibilities will include:

•  Service Management Oversight:

Promote effective service management by monitoring service level agreements (SLAs) and operational level agreements (OLAs). Collaborate with service delivery teams to ensure consistent performance measurement and reporting.

• ISMS 

Lead BMIT’s ISMS and related certifications programmes such as ISO 27001, PCI DSS and SOC2 attestation including managing the maintenance of the risk register and the information within BMIT’s GRC system as assigned by the Lead Service Excellence Officer. Oversee, develop and participate in the implementation and maintenance of policies and procedures.

• CSRD/ESG Responsibility:

Work on the implementation of Corporate Sustainability Reporting Directive (CSRD) requirements.

• Interface with Legal and DPO 

Ensure the effective handling of personal data protection activities by closely interfacing with the Data Protection Officer (DPO) as required. Collaborate with the legal department to address notices from competent authorities and law enforcement agencies. Manage and resolve customer-related regulatory complaints received from competent authorities, law enforcement entities, and authorized third parties, ensuring compliance with relevant regulations and maintaining the highest standards of data protection.

Customer-Facing Responsibilities:

• Service Management:

Ensure that customers receive high-quality service aligned with compliance standards. Actively address customer concerns related to service delivery and compliance issues while effectively liaising with relevant departments to resolve them.

• Compliance: 

Provide and assist customers during audits to help them achieve their own certifications. Handle regulatory requests pertaining to customers coming from competent authorities, law enforcement agencies and other legitimate 3rd parties. 

Accountabilities:

·      Compliance Reporting:

Regularly report on compliance status to the Lead Service Excellence Officer, including audit results and any incidents of non-compliance. Lead BMIT’s certifications programmes such as ISO 27001, PCI DSS and SOC2 attestation including managing the maintenance of the risk register and the information within BMIT’s GRC system as assigned by the Lead Service Excellence Officer.

• Policy Enforcement:

Ensure enforcement of compliance policies across the organization, documenting any violations and action taken.

• ESG Reporting:

Deliver comprehensive ESG reports to stakeholders that clearly communicate BMIT Technologies’ sustainability initiatives and compliance with CSRD requirements.

• Preference will be given to candidates who possess any of the following qualifications and experience.

Experience in CSRD/ESG reporting obligations

CISA, CIPP/E, CIPM, ISO Lead implementor, ISO lead auditor certifications