Head of Risk and Compliance

Remote from: Europe
Annual salary: Undisclosed
Salary information is not provided for this position. Check our Salary Directory to estimate the average compensation for similar roles.
Employment type: Full Time
Job posted
Apply before: 16 Jul 2026
Experience level: Director
Views / Applies: 54 / 10

About Zartis

Your Compass for AI Transformation.

Actively Hiring
Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

Zartis is seeking a Head of Risk and Compliance to lead and evolve their Risk & Compliance function. This senior role involves owning the strategic risk agenda, driving a proactive compliance culture, and providing direct support to the COO. Responsibilities include managing the company-wide risk register, leading ISO 27001 and GDPR compliance, and overseeing incident response. The ideal candidate has 7+ years in risk or compliance with at least 3 in leadership, and experience in tech or consulting environments. This role offers the opportunity to shape compliance strategy and work on cutting-edge AI projects.

Role DNA

AI Insight: The role requires extensive experience (7+ years, 3 in leadership) and ownership of multiple regulatory frameworks (ISO 27001, GDPR, NIS2) across 8 jurisdictions, making it challenging but not the hardest due to clear expectations and team support.

Salary Analysis

Median: $200,000 (Highly Competitive)
US Market range: $150k – $250k

AI Insight: The offered salary is competitive for a Head of Risk and Compliance role, with a median of $200,000 aligning with senior leadership positions in the tech industry. The market range of $150,000 to $250,000 reflects the high demand for expertise in risk management, compliance, and information security.

Key Skills

Risk Management, Compliance, ISO 27001, GDPR, Information Security, Leadership, Incident Response, Governance, NIS2, AI Governance

I am excited to apply for the Head of Risk and Compliance position at Zartis. With over 8 years of experience in risk management, compliance, and information security, including 4 years in leadership, I have successfully led ISO 27001 certifications and GDPR compliance across multiple jurisdictions.

In my previous role, I owned the company-wide risk register, developed annual risk assessments, and managed incident response processes. I also built and matured a compliance function, directly supporting C-suite executives and external auditors.

I am particularly drawn to Zartis's focus on AI transformation and technology consulting, and I am eager to bring my expertise in governance frameworks and IT security to your team. I am confident I can drive a proactive compliance culture and support your strategic goals.

Thank you for considering my application. I look forward to discussing how I can contribute to Zartis's success.

Can you describe your experience with ISO 27001 certification? Have you led the process from scratch?
Yes, I have led ISO 27001 certification from initial gap analysis to final audit. In my previous role, I established the ISMS, documented policies, and coordinated with internal teams and external auditors. I also ensured continuous improvement through regular internal audits.
How do you prioritize and manage risk across different domains (legal, operational, data, IT security)?
I use a risk register to categorize and score risks based on likelihood and impact. I prioritize risks that could affect business continuity or regulatory compliance. I assign owners and deadlines, and I review the register quarterly with the leadership team.
Tell us about a time you managed a major compliance incident. How did you handle it?
In a previous role, we experienced a data breach involving customer PII. I led the incident response team, containing the breach, notifying affected clients, and reporting to the data protection authority within 72 hours. I conducted a root cause analysis and implemented additional access controls.
How do you ensure GDPR compliance across multiple EU jurisdictions?
I maintain a centralized record of processing activities for each jurisdiction, appoint local DPOs where required, and conduct DPIAs for high-risk processes. I also monitor regulatory updates and adapt policies accordingly. Regular training ensures consistent application.
What experience do you have with AI governance or emerging EU regulations like NIS2?
I have been monitoring NIS2 requirements and have started mapping our current controls to the new framework. For AI governance, I have developed policies addressing algorithmic transparency and bias, aligning with the EU AI Act proposals.

The company and our mission: 

Zartis is a global AI transformation and technology consulting partner where talented engineers and technologists work on cutting-edge innovation. We partner with ambitious organizations to design, build, and scale technology solutions that deliver real impact.

Our teams bring deep expertise in AI-driven platforms, secure API architectures, and cloud-native engineering. You will work on meaningful projects that accelerate the adoption of advanced technologies, from strategy and discovery through to full product delivery, helping turn complex challenges into measurable outcomes.

With engineering hubs across EMEA and LATAM, and long term partnerships in financial services, healthcare and life sciences, and energy and climate, we offer opportunities to work on projects that truly matter. Here, you will not just build technology, you will drive business impact and grow your career alongside industry leaders.

We are looking for a Head of Risk and Compliance to work on a project in the Tech Company industry.

The project:

We are looking for a Head of Risk & Compliance to lead and evolve our Risk & Compliance function. This is a senior leadership role designed for someone who can own the strategic risk agenda, drive a proactive compliance culture, and provide direct decision-making support to the COO. You will manage an internal R&C team, act as the primary accountable owner across all compliance domains, and bring the technical depth in information security and IT infrastructure that bridges the gap between governance frameworks and real-world implementation. 

What you will do:

  • Own the company-wide risk register: maintain, prioritise, and drive resolution across all risk domains (legal, operational, data, information security).

  • Develop and lead the annual risk assessment cycle; translate outputs into concrete mitigation plans with owners and deadlines.

  • Act as the accountable owner for IT security risk, working with internal technical stakeholders and external providers to ensure vulnerabilities, access controls, and infrastructure risks are identified, assigned, and addressed.

  • Act as the primary escalation point for risk and compliance matters.

  • Design and maintain the governance framework across 8 EU jurisdictions, ensuring policies are current, proportionate, and consistently applied.

  • Lead incident response: own the end-to-end process from detection to resolution, including client notification, root cause analysis, and lessons learned.

  • Own ongoing ISO 27001 and Cyber Essentials certifications and lead future certifications (SOC 2 or equivalent) as the business requires.

  • Lead GDPR compliance across all entities: DPIAs, records of processing, data subject requests, breach management, and DPA relationships.

  • Monitor and interpret emerging EU regulation, including NIS2 and upcoming frameworks, and translate requirements into operational action plans before deadlines.

  • Manage relationships with external legal counsel, auditors, and regulatory bodies.

  • Directly manage the Risk & Compliance Manager and any future hires within the function.

  • Set clear performance expectations; develop the team’s capability to operate with minimal escalation.

  • Act as an internal advisor to other business functions such as Business, Operations and Finance.

What you will bring:

  • 7+ years in risk, compliance, or information security roles, with at least 3 in a leadership capacity.

  • Direct ownership of ISO 27001; hands-on experience with GDPR compliance operations across multiple jurisdictions.

  • Track record of building or significantly maturing a compliance function, not just maintaining one.

  • Experience working in a tech, consulting, or professional services environment.

  • Demonstrated ability to engage C-suite and clients on risk topics with clarity and commercial awareness.


Nice to have:

  • Exposure to AI governance frameworks or emerging EU regulation in the AI space.

  • Familiarity with multi-entity structures across EU jurisdictions (Spain, Ireland, Portugal, Germany, UK).


What we offer: 

  • 100% Remote Work

  • WFH allowance: Monthly payment as financial support for remote working.

  • Career Growth: We have established a career development program accessible for all employees with a 360º feedback that will help us to guide you in your career progression.

  • Training: For Tech training at Zartis, you have time allocated during the week at your disposal. You can request from a variety of options, such as online courses (from Pluralsight and Educative.io, for example), English classes, books, conferences, and events.

  • Mentoring Program: You can become a mentor in Zartis or you can receive mentorship, or both.

  • Zartis Wellbeing Hub (Kara Connect): A platform that provides sessions with a range of specialists, including mental health professionals, nutritionists, physiotherapists, fitness coaches, and webinars with such professionals as well.

  • Multicultural working environment: We organize tech events, webinars, parties, and activities to do online team-building games and contests.


This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.
