Compliance Officer, IT​/Tech

Reporting to the Chief Information Security Officer. We are seeking a highly skilled Compliance Officer to lead our compliance monitoring, reporting, and certification efforts across multiple regulatory frameworks and industry standards. This role will ensure our organization maintains alignment with evolving regulations (e.g., NIS2, EU Data Act, EU AI Act...) and standards (ISO
27001, ISO
42000, ISO
22301, SOC1, SOC2). The Compliance Officer will leverage Service Now GRC to map policy statements, define control objectives, track compliance status, and manage non-conformities. This position is both strategic (monitoring regulations, maintaining certifications) and operational (hands‑on Service Now GRC work, facing auditors).

• Analyze and interpret requirements from NIS2, EU Data Act, EU AI Act, and other applicable regulations.
• Maintain awareness of updates to ISO standards (ISO
  27001, ISO
  42000, ISO
  22301) and ensure organizational compliance.
• Map policy statements and controls in Service Now GRC to the regulatory and standards authority documents.
• Create and refine controls and control objectives where gaps exist.
• Continuously improve internal policies and procedures to align with best practices.
• Maintain certifications such as ISO
  27001 and prepare reports for SOC1 and SOC
  2.
• Act as the primary point of contact for external auditors, demonstrating compliance posture and evidence.
• Manage remediation of non-compliance and non-conformities.
• Generate compliance dashboards and reports in Service Now to provide real-time visibility into compliance status.
• Present compliance metrics and risk assessments to senior management.
• Work closely with IT, Security, Legal, Product Development, Project Management and Risk teams to ensure integrated compliance efforts.
• Provide guidance and training to staff on compliance requirements and best practices.
• Ensure compliance with CHAMP Security Requirements (including IT Security Policies such as ISMS Policy and Acceptable Use Policy, mandatory courses, confidentiality, data protection, use of company assets, and incident reporting).

• Proven experience in compliance, cybersecurity governance, or risk management.
• Strong knowledge of regulatory frameworks: NIS2, EU Data Act, EU AI Act.
• Strong knowledge of industry standards: ISO
  27001, ISO
  42000, ISO
  22301.
• Strong knowledge of audit frameworks: SOC1, SOC
  2.
• Hands‑on experience with Service Now GRC (policy mapping, control objectives, compliance reporting).
• Excellent communication skills with the ability to face auditors and senior stakeholders confidently.
• Analytical mindset with strong problem-solving skills.

• Bachelor’s or Master’s degree in Information Security, Law, Risk Management, or related field.
• 7-10 years of experience expected.
• Professional certifications such as CISA, CISM, ISO
  27001 Lead Auditor/Implementer, or CRISC.
• Experience in multinational compliance environments.
• Familiarity with cloud compliance frameworks (e.g., CSA STAR, ISO/IEC 27017 & 27018, SOC2 for SaaS provider).

The selected candidate may be subject to the provision of an up-to-date (not older than 3 months) criminal record certificate.

CHAMP Cargo systems is an equal opportunity employer and prohibits discrimination and harassment of any kind. We are committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment.