Head of Risk and Compliance

About The Position

Requirements

• 7+ years of experience in enterprise risk management, cybersecurity, or information assurance, with at least 5 years in leadership capacity.
• Strong understanding of cybersecurity frameworks, operational risk, business continuity, and compliance programs.
• Proven experience working within or alongside a CISO organization in a fast-paced technology or cybersecurity environment.
• Expertise in quantitative and qualitative risk analysis, reporting, and executive communication.
• Familiarity with standards and regulations such as NIST, ISO 27001, SOC 2, GDPR, DORA, and NIS2.
• Excellent relationship-building and influencing skills, capable of engaging stakeholders across technical and business domains.

Nice To Haves

• Relevant certifications preferred: CRISC, CISSP, CISM, CISA, ISO 27005 Risk Manager, or equivalent.

Responsibilities

• Develop and lead the company-wide risk and compliance management strategy, policies, and framework aligned with organizational objectives and regulatory standards.
• Collaborate with different stakeholders to identify, assess, and mitigate operational, cybersecurity, and compliance risks.
• Own and evolve the company’s risk register, metrics, and reporting cadence, providing transparent insights to the CISO, senior leadership, and board committees.
• Manage and lead the company’s compliance frameworks including ISO, Common Criteria, FedRamp, SOCII, GDPR, and more.
• Quarterback compliance efforts, testing and auditing.
• Lead third-party and vendor risk management programs, ensuring supply chain resilience and adherence to company security requirements.

Benefits

• You’ll be part of a global team on the front lines of cybersecurity innovation.
• At Semperis, we celebrate curiosity, integrity, and people who take initiative.
• If you’re someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life—we’d love to meet you.