Governance, Risk, and Compliance Lead

**In short**:
As the Governance, Risk, and Compliance Lead, you will play a vital role in ensuring our organization operates within regulatory frameworks and complies with relevant industry standards. You will be responsible for developing and implementing policies, procedures, and controls to mitigate risks and protect sensitive information. Working closely with cross-functional teams, you will provide guidance, oversight, and strategic direction to ensure adherence to internal and external requirements.

**Your Mission**:

- Develop and implement a comprehensive governance, risk, and compliance framework for the organization.
- Collaborate with stakeholders to establish and maintain policies, procedures, and controls aligned with applicable laws, regulations, and industry standards.
- Conduct regular risk assessments and vulnerability analyses to identify potential security gaps and recommend appropriate risk mitigation strategies.
- Coordinate and oversee compliance audits, assessments, and certifications, such as ISO 27001, SOC 2, or other relevant standards.
- Manage the day-to-day activities related to information security governance, risk management, and compliance functions.
- Provide guidance and support to cross-functional teams, ensuring they understand their roles and responsibilities in maintaining compliance.
- Monitor and prepare reports on compliance with regulatory requirements and internal policies.
- Establish and maintain relationships with external auditors, regulatory bodies, and other relevant stakeholders to facilitate compliance-related activities.

**Your story**:

- Bachelor's degree in Computer Science, Information Technology, Business Administration, or a related field.
- Proven experience (3+ years) in governance, risk management, and compliance roles within the information security domain.
- Strong knowledge of industry standards, regulations, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, etc.).
- Familiarity with conducting risk assessment, and third-party risk assessments.
- Experience managing compliance audits and certifications (e.g., ISO 27001, SOC 2).
- Excellent understanding of information security principles and best practices.
- Strong analytical and problem-solving skills, with the ability to assess and mitigate risks proactively.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively across teams and levels of the organization.
- Self-motivated, detail-oriented, and able to work independently with mínimal supervision.

**Your story**:

- Bachelor's degree in Computer Science, Information Technology, Business Administration, or a related field.
- Proven experience (3+ years) in governance, risk management, and compliance roles within the information security domain.
- Strong knowledge of industry standards, regulations, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework, etc.).
- Familiarity with conducting risk assessment, and third-party risk assessments.
- Experience managing compliance audits and certifications (e.g., ISO 27001, SOC 2).
- Excellent understanding of information security principles and best practices.
- Strong analytical and problem-solving skills, with the ability to assess and mitigate risks proactively.
- Excellent communication and interpersonal skills, with the ability to collaborate effectively across teams and levels of the organization.
- Self-motivated, detail-oriented, and able to work independently with mínimal supervision.

**What we offer**:
On is a place that is centered around growth and progress. We offer an environment designed to give people the tools to develop holistically - to stay active, to learn, explore and innovate. Our distinctive approach combines a supportive, team-oriented atmosphere, with access to personal self-care for both physical and mental well-being, so each person is led by purpose.

On is an Equal Opportunity Employer. We are committed to creating a work environment that is fair and inclusive, where all decisions related to recruitment, advancement, and retention are free of discrimination.