Governance, Risk & Compliance Specialist managing security compliance for Skroutz while operationalizing key regulatory and legal requirements. Collaborating across teams to ensure ongoing compliance.
Responsibilities
Execute the Roadmap: You will implement the security strategy set by the CISO, ensuring entities meet the requirements of an "Important Entity" under NIS2 (Law 5160/2024) while ensuring full compliance with relevant national and European regulations (EU AI Act, CRA, DSA etc.).
Manage Regulatory Relations: You will handle day-to-day communications and submissions to authorities (ADAE, EETT). Note: Ultimate regulatory accountability remains with the CISO, but you will ensure we are organized, timely, and compliant.
Policy & Documentation: Draft and maintain internal Information Security & Data Protection policies, the Policy for Assurance of Secrecy of Postal Services and other required ISMS documentation. You will work with the SRE teams to ensure these policies are practical, not just theoretical.
Collaboration with DPO: Work closely with our specialized DPO team to align data privacy efforts with security controls, policies and procedures, and more specifically with marketplace and courier service privacy regulations.
Incident Response: Be a primary point of contact for Incident Response procedures and ensure IR Plans are drafted, maintained, improved upon and executed as necessary, coordinating IR activities as needed with relevant stakeholders.
ISO 27001 Prep: Lead the groundwork for future ISO 27001 certification. You will perform gap analyses and coordinate with engineering teams to close those gaps.
Audit Facilitation: Act as the primary coordinator during external audits. You will prepare the evidence, schedule the sessions, and assist the CISO in demonstrating compliance.
Risk Management: Maintain and assist in updating the Skroutz risk register. Perform internal and third-party risk assessments and audits to align with group risk appetite and risk management frameworks.
Requirements
Experience: 3+ years in Information Security Governance, Risk Management, or Compliance.
Regulatory Fluency: Ability to interpret Greek regulations (FEK, ADAE guidelines) and translate them into actionable tasks for technical teams.
Framework Knowledge: Familiarity with ISO/IEC 27001. Experience implementing or maintaining an ISMS is highly valued.
Collaborative Mindset: Be an enabler and a business driver. You can explain why a control is needed to an engineer without blocking their workflow while finding alternatives to achieve compliance.
Communication: Excellent command of Greek and English. You will draft formal documents for Greek authorities and technical reports in English.
*Nice to Have*
*Experience in a regulated sector (Telecoms, Logistics, Banking) or familiarity with ADAE/EETT specificities.*
*Technical background (IT, Admin, or Engineering) that helps you understand the infrastructure you are protecting.*
*Certifications: CISA, CISM, CRISC, or ISO 27001 Lead Auditor/Implementer.*
Benefits
A great opportunity to contribute to the evolution of Skroutz towards becoming one of Europe’s fastest growing Marketplaces
Thrive in an environment that champions ambitious goals, empowers autonomy, fosters mentoring, and unlocks exciting opportunities for both personal and business growth
Competitive full-time salary
Ongoing training and development
Access to books, online courses, and relevant resources
Top-of-the-line tools and equipment
Private Medical Plan
Hybrid Working
Free gym membership at Golden Gym in Athens, plus OAKA cross training & running courses, Padel and online yoga
For all new Skroutz fathers we offer 30 working days of paternity leave (1.5 months in total)
Monthly childcare allowance for all Skroutz Parents
When at the office, we offer free food catering (breakfast & lunch)