• Lead and maintain the company’s ISO 27001 Information Security Management System (ISMS) and SOC 2 Trust Services Criteria certification programs.
• Serve as the primary point of contact for engaging with external and internal auditors, facilitating ISO 27001 certification and SOC 2 attestation processes.
• Own compliance audits: plan, coordinate with auditors, collect evidence, and provide comprehensive audit responses.
• Manage risk assessments, control testing, and remediation activities to ensure ongoing compliance.

• Develop, maintain, and enforce IT security and compliance policies, procedures, and standards.
• Ensure documentation aligns with ISO 27001 Annex A controls, SOC 2 requirements, and addresses evolving compliance needs due to scope or structural changes.
• Respond to client security questionnaires with accurate and detailed information to demonstrate compliance.

• Oversee access control, change management, incident management, and third-party/vendor risk management within the scope of ISO 27001 and SOC 2.
• Ensure compliance across environments supporting software development, hosting platforms, and APIs.
• Monitor the effectiveness of security controls and recommend improvements to mitigate emerging risks.

• Act as the central liaison for external auditors, regulators, and certification bodies, ensuring clear communication and issue resolution.
• Conduct internal compliance audits, gap assessments, and readiness reviews to maintain certification readiness.
• Track and close compliance findings and audit issues, ensuring timely resolution and documentation.
• Provide expert guidance on compliance implications of ISO 27001 scope changes and corporate structure changes.

• Build awareness of compliance requirements across development, operations, and support teams.
• Deliver targeted training on compliance obligations, including secure software development, data handling, and gaming industry standards.
• Vendor & Third-Party Risk Management
• Assess compliance of key vendors, including cloud hosting providers, content partners (e.g., Pragmatic Play), and integration providers.
• Ensure contractual and SLA alignment with ISO 27001 and SOC 2 requirements.
• Reporting
• Provide regular compliance updates, risk posture reports, and responses to client inquiries to senior management and stakeholders.
• Support management with compliance performance metrics and KPIs.

• Bachelor's degree in Information Security, Computer Science, Risk Management, or a related field.
• 5+ years’ experience in IT compliance, GRC, risk management, or information security, ideally in gaming, fintech, or other regulated industries.
• Strong understanding of:
• ISO 27001:2022 Information Security Management System (ISMS)
• SOC 2 Trust Services Criteria (Security, Availability, Confidentiality, Processing Integrity, Privacy)
• Proven track record of leading certification and audit processes, including direct engagement with auditors.
• Experience responding to client security questionnaires and communicating compliance status effectively.
• Experience with SaaS/PaaS environments, APIs, and cloud-based hosting services.
• Knowledge of secure SDLC, DevOps, and CI/CD compliance integration.
• Professional certifications preferred (e.g., CISA, CISM, ISO 27001 Lead Implementer/Auditor, CCSK, CRISC).

• Excellent knowledge of IT compliance, audit, and risk frameworks, with expertise in ISO 27001 and SOC 2.
• Strong communication and stakeholder management skills, with the ability to represent the company to auditors and clients.
• Ability to influence cross-functional teams (dev, ops, support) to adopt compliance practices.
• Analytical thinker with a problem-solving approach to compliance challenges, including scope and structural changes.
• Detail-oriented with strong documentation, evidence management, and client questionnaire response skills.

What we offer:

• We offer a highly competitive salary
• A detailed company training on highest standards
• A chance to work in friendly and supportive culture
• Tremendous growth opportunities in a large fast moving international company