Senior GRC Analyst (m,f,x)
The role
We’re looking for a new teammate who will support the implementation and ongoing maintenance of information security compliance and certification programs, working with cross-functional internal teams and external auditing agencies. The person will also support data protection, data privacy, and third-party vendor risk management functions.
The position will be part of the Governance, Risk & Compliance (GRC) team at HelloFresh that is responsible for creating, maintaining and improving HelloFresh’s security risk management program and remediation activities; information security and data privacy related processes, policies, and guidelines; supporting compliance and certification related activities; and driving security awareness and education.
Above all, we are looking for people who will make HelloFresh better. We believe there are many different ways of developing skills and we love diverse experiences! So even if you don’t “tick all the boxes” but think you’d thrive in this role, we would really like to learn more about you.
What you’ll do
- Lead end-to-end compliance readiness for NIS2 and support alignment across other key frameworks (e.g., PCI DSS, CSRD, ISO/SOC and EU AI Act).
- Plan and execute internal control assessments and coordinate external compliance audits on a defined cadence.
- Translate regulatory requirements into practical controls; drive cross-functional implementation across international teams.
- Own remediation management: track findings, evidence, owners, deadlines, and report status to stakeholders.
- Improve GRC maturity through continuous monitoring, clear documentation, and mentoring junior team members.
- Lead internal assessments and coordinate external compliance audits at planned intervals
- Evaluate and validate the design and operational effectiveness of security policies, standards, and internal controls to help reduce compliance risk in the company
- Develop comprehensive and accurate reports and presentations on the compliance landscape for both technical and executive audiences
What you’ll bring
- 3+ years' experience in performing compliance activities in a corporate environment related to IT General Controls (ITGC), SOC 2, ISO 27001, PCI DSS, EU NIS2, and various data privacy directives (GDPR, CCPA/CPRA, etc.)
- Ability to interpret compliance regulations and map them to the actual implementation of systems, whilst referencing various security frameworks
- Experience supporting data privacy regulations (GDPR, CCPA) and third-party risk management programs
- Experience with developing and executing security awareness programs and trainings
- Highly organized and detail-oriented , with an ability to work independentl y
- Industry compliance certifications (CISA, CISM, CISSP) are a plus
- Prior experience working in a SaaS environment, mainly Cloud and AWS-based
What we offer
Elevate your lifestyle! Join one of Europe's fastest-growing tech powerhouses in a dynamic phase of expansion.
- Immerse yourself in a diverse global community of 90+ nationalities.
- Enjoy a competitive compensation package that goes beyond the norm, with perks like a HelloFresh- subsidized Pension Scheme, Berlin relocation support, and a Hybrid working model.
- Elevate your lifestyle with exclusive discounts on your weekly HelloFresh box and office meals.
- Invest in your growth with a German language learning budget, and access to the HelloFresh Academy.
- Plus, we've got your well-being covered with mental health support, transportation perks, and working-parent-friendly benefits. From our 24/7 gym access,wellbeing platforms like Headspace and Spill, to sabbatical leave options, HelloFresh is not just a workplace; it's a lifestyle of perks and possibilities!
Empfohlene Jobs
Mechaniker (m/w/d)
Wir suchen exklusiv für unseren Kunden Hansa-Flex in Direktvermittlung einen Mechaniker für den Industrieservice. Aufgaben Gemeinsam mit deinem Team installierst du Hydrauliksysteme an neuen Anlag…
Teamleiter Kalkulation SF-Bau bis 100k (m/w/d)
Ihre Aufgaben: Fachliche und disziplinarische Führung eines Teams von 5 Mitarbeitern Aktive Mitwirkung an einer optimalen Preis- und Kostengestaltung unter Berücksichtigung der hohen Qualität…
Intern Product (f/m/d)
Your Role As a Product Intern (f/m/d) , you'll own your projects from start to finish—diving into our tech, exploring different teams, and making a real impact in a fast-growing fintech. The i…
Senior DNS Infrastructure Engineer
Imagine a future where everyone has instant, low-cost access to intelligence. We’re building a fully featured European AI cloud - with everything one needs to train, experiment with, and deploy AI mo…
IT- Anwendungsbetreuung & digitale Prozesse (w/m/d)
Wofür wir Sie suchen PROCEDO-Berlin  steht seit 2007 für praxisnahe Bildung und Entwicklung â für pädagogische Fach- und Führungskräfte in Kita, Schule und Jugendhilfe, aber auch für O…
Global Tax Expert (all genders)
Willkommen bei Glow25! Wir sind ein dynamisches, schnell wachsendes Beauty & Pro Aging Unternehmen aus Berlin - mit einer Herzensmission: Glow-Momente schaffen. Für unsere Kund:innen, für unser Team, …
Einsteiger*in (m/w/d) Beratung SAP Wirtschaftsinformatik
Deine Aufgaben Wir suchen talentierte Mitarbeiter*innen zum Ausbau unserer Aktivitäten im Bereich betriebliche Informatik im SAP Umfeld. Hast du Interesse daran, dein Fachwissen zu nutzen, um Brüc…
Consultant Logistik (m/w/d)
Ihre Aufgaben: Beratung von Kunden zur Logistiksoftware durch Problem- und Anforderungsanalyse Entwicklung von Ideen sowie Entwurf und Planung neuer Softwarefunktionen Management des Softw…
Chile: Praktikum in verschiedenen Bereichen der Hotelbranche
Chile: Praktikum in verschiedenen Bereichen der Hotelbranche Praktikum Unternehmen: Hotelpraktikum.com Standort: 10245 Berlin Gesuchte Fachrichtungen: Unternehmensbeschreibung Diese …
Arzt für Allgemeinpraxis (m/w/d)
• Arzt für Allgemeinpraxis • (m/w/d) Arzt/Ärztin Medizin & Naturwissenschaft Berlin Jetzt bewerben Referenznummer: 80/66576 Anstellungsart: Arbeitsplatz Stelle: •…