Compliance and Risk Management Specialist

Location: Estonia, UK or Turkey

At Binalyze, we are reshaping Investigation and Response through automation. As the creators of AIR — a next-generation platform powered by forensic-level visibility — we empower incident response and SOC teams to investigate faster, strengthen security, and boost cyber resilience, all at unparalleled speed and scale.

We are passionate innovators building the future of DFIR (Digital Forensics & Incident Response), and we're just getting started.

+The Role

As our Information Security Compliance and Risk Management Specialist, you will:

• Develop & Maintain Compliance Policies: Design and enforce information security and business continuity policies and procedures in line with ISO 27001, ISO 27701, SOC 2, GDPR, NIST, and other industry-specific regulatory requirements.

• Lead Compliance Audits: Oversee and manage internal and external compliance audits, ensuring adherence to all applicable regulations. Act as the primary liaison with external auditors and regulators to provide evidence of compliance and facilitate seamless audit processes.

• Risk Management Framework: Lead the development, implementation, and ongoing maintenance of a comprehensive risk management framework to identify, assess, and mitigate risks to both information security and business continuity.

• Monitor & Report on Compliance Status: Regularly monitor compliance metrics and generate detailed reports for senior leadership, highlighting risk areas, compliance status, and the effectiveness of current controls.

• Coordinate with Cross-Functional Teams: Work closely with teams across the organization (engineering, finance, sales, marketing, etc.) to ensure security and compliance practices are integrated seamlessly into daily operations.

• Risk Communication: Communicate identified risks, compliance gaps, and mitigation plans effectively to both technical and non-technical stakeholders.

• Training & Awareness: Design and deliver compliance training and awareness programs to ensure employees understand and adhere to security policies, standards, and procedures.

• Business Continuity Plans: Collaborate to integrate business continuity measures with information security practices to ensure operational resilience in the face of disruption.

• Manage GRC Tools: Oversee and manage the GRC (Governance, Risk, and Compliance) tools, ensuring ISMS and BCMS documentation is up to date and in line with compliance standards.

+ What we're looking for

Experience

• Previous experience in a compliance and risk management role, with hands-on experience leading and managing compliance programs and ensuring alignment with regulatory frameworks such as ISO 27001, SOC 2, ISO 27701, NIST 800-53, and GDPR.

• Proven track record of leading compliance audits, managing external auditor relationships, and implementing improvements based on audit findings.

• Extensive experience with business continuity management, including risk assessments, testing, and aligning business continuity plans with overall information security strategies.

• Experience with GRC tools (such as Drata or similar platforms) for managing ISMS/BCMS documentation, audits, and risk assessments.

Skills and Knowledge

• In-depth understanding of information security governance, risk management, and compliance principles, practices, and technologies.

• Strong familiarity with regulatory compliance frameworks such as ISO 27001, ISO 27701, ISO 22301, SOC 2, GDPR, and NIST.

• Ability to translate complex compliance requirements and regulatory frameworks into actionable strategies that can be easily understood by diverse stakeholders.

• Excellent analytical skills to evaluate and manage compliance and risk data and generate insights that inform strategic decisions.

• Exceptional English written and verbal communication skills, with the ability to clearly articulate compliance findings, risks, and recommendations to both technical and non-technical stakeholders.

• Strong collaboration skills, working effectively with cross-functional teams to ensure alignment of security, risk, and compliance objectives.

• Ability to prioritize and manage multiple initiatives and compliance requirements effectively.

• Problem-solving mindset, able to handle and mitigate risks associated with security, compliance, and business continuity.

• Proactive, detail-oriented, and able to work independently in a remote environment.

Certifications (Preferred but not required)

• ISO/IEC 27001 Lead Auditor

• ISO 22301 Lead Implementer

• GDPR Practitioner

+What we offer

• 28 days holiday allowance + wellbeing days + birthday off!

• Private medical insurance for you and your family.

• A supportive and collaborative team that's as passionate as you are.

• Home office setup support.

• Great opportunities for growth and development

• Entertainment allowance - Netflix / Spotify.

• Healthy living allowance- Gym membership.

+Ready to make an impact?

If you’re passionate about building great products, solving complex problems, and advancing the future of cybersecurity, we’d love to meet you.

+ Diversity & Inclusion

At Binalyze, we are committed to building a diverse and inclusive team. We welcome applicants from all backgrounds, perspectives, and experiences.