GRC Consultant - SaaS

We are seeking a detail-oriented and proactive SaaS GRC Specialist to strengthen our Governance, Risk, and Compliance framework as we scale our SaaS operations. In this role, you will ensure that our business processes, security controls, and regulatory obligations are consistently met. You will work across multiple teams—security, legal, product, and operations—helping us maintain trust with customers and regulators while supporting business growth.Key ResponsibilitiesOwn and manage governance, risk, and compliance initiatives for our SaaS platforms.Monitor, review, and improve internal policies, procedures, and controls in line with ISO 27001, SOC 2, GDPR, and other regulatory frameworks.Conduct risk assessments and recommend mitigation strategies for SaaS operations and customer data protection.Collaborate with product, engineering, and IT teams to embed compliance into day-to-day operations.Prepare and support external audits, certifications, and customer due diligence requests.Deliver GRC training and awareness sessions to employees across the business.Track regulatory changes and advise leadership on potential business impacts.RequirementsBachelor’s degree in Information Security, Business, Compliance, or related field.2+ years of experience in GRC, risk management, or compliance (preferably within SaaS or technology companies).Strong knowledge of SaaS compliance frameworks (ISO 27001, SOC 2, GDPR, NIS2, or similar).Ability to interpret regulations and translate them into practical, business-friendly processes.Excellent written and verbal communication skills (German or English; both preferred).Strong organizational skills with the ability to manage multiple priorities.Nice-to-HaveProfessional certifications (CISM, CRISC, ISO 27001 Lead Implementer, or similar).Experience working with SaaS platforms (AWS, Azure, Salesforce, HubSpot, etc.).Familiarity with vendor risk management and third-party security assessments.Exposure to data privacy laws beyond GDPR (CCPA, UK-GDPR, HIPAA).Role TypePermanent or ContractLondon-based (Hybrid) or remoteAbout UsDiscover tailored data privacy jobs and recruitment opportunities with Lex Dinamica. As a strategic career partner, we specialize in connecting candidates with roles that align with their expertise and aspirations. With partnerships with clients and top candidates, we ensure that your next career move in data privacy and consulting is fulfilling and aligned with the evolving landscape. Our ProcessThe data you provide us with will be processed exclusively for job placement requirements and assessing your application against our clients\' requirements. You may withdraw your application at any time by getting in touch with a member of our team, via LinkedIn or contact details found on your website. You may ask us to keep your information on file for any future opportunities. For more information, or for part-time opportunities, get in touch with our team via LinkedIn. Lex Dinamica is proud to be an equal opportunity employer, which means we are committed to creating and celebrating diverse thoughts, cultures, and backgrounds throughout our organization. Employment at or through Lex Dinamica is based on substantive ability, objective qualifications, and work ethic – not an individual’s background, religion, sex or gender, gender identity or expression, sexual orientation, national origin or ancestry, alienage or citizenship status, physical or mental disability, pregnancy, age, genetic information, veteran status, marital status, status as a victim of domestic violence or sex offenses, reproductive health decision, or any other characteristics protected by applicable law.