Alert: We are aware of a fraudulent email approach to some clients to change our bank details. Please note our bank details remain unchanged. If you’ve received any suspicious communication, please contact us directly.

Submit a VacancyUpload Your CVGet in Touch iconGet in Touch
SubBanner banner image

Governance, Risk & Compliance Specialist

Basel-Stadt, Switzerland

Apply by 7 Feb 2026

Competitive

Job Ref.: BH-56506

Apply Now
Share Job
Consultant
Nadine Zinovyeva image
Nadine Zinovyeva
Senior Managing Consultant

Job Description

Governance, Risk & Compliance Specialist
 
Support global IT and compliance objectives by managing cybersecurity governance, risk, and compliance processes. This position ensures adherence to regulatory requirements (such as GxP, GDPR, ISO 27001, and NIST) and oversees exceptions management and workflow automation to maintain a secure and compliant IT environment.
 
Responsibilities:
  • Governance & Policy Management:
    • Maintain and update cybersecurity policies, standards, and procedures aligned with ISO 27001, NIST, and GxP requirements.
    • Ensure IT governance processes support business and regulatory objectives.
  • Risk & Compliance:
    • Conduct IT risk assessments and maintain risk registers.
    • Monitor compliance with data protection laws and internal security policies.
    • Prepare for and support internal/external audits (regulatory and customer).
  • Exceptions Management:
    • Manage policy exceptions lifecycle: request, approval, tracking, and expiration.
    • Assess risk impact of exceptions and ensure mitigation plans are in place.
  • Workflow & Automation:
    • Design and optimize workflows for compliance tasks (risk assessments, audits, incident handling).
    • Implement automation in GRC tools (e.g., ServiceNow, Archer) for exception handling and reporting.
  • Metrics & Reporting:
    • Track and report Key Risk Indicators (KRIs) and compliance metrics.
    • Provide dashboards and reports to management for decision-making.
Qualifications:
  • Bachelor’s degree in Information Security, IT, or related field
  • 2–4 years of experience in GRC or cybersecurity compliance, preferably in pharmaceutical industry
  • Knowledge of frameworks: ISO 27001, NIST CSF, GDPR, GxP
  • Familiarity with GRC platforms (ServiceNow, Archer) and workflow automation
  • Certifications (preferred): CISM, CISA, CISSP, ISO 27001 Implementer
  • Microsoft Certified: Azure Security
  • Strong analytical, communication, and stakeholder management skills
  • Ability and eligibility to work in Switzerland (hybrid set-up)
 
Sounds interesting? Please apply by submitting your CV and relevant documents.
APPLY NOW

Recent Jobs.

Security Engineer
Basel, Switzerland

For our customer a International Financial Service Organisation, we are looking for a Cyber Security Specialistthis is a 12 month contract based in Baselhybrid / 3 days per week in office Candidates w

Senior Backend Engineer
Lisbon, Portugal

Our client built an AI-powered sales platform helps B2B companies generate more opportunities thanks to our advanced lead generation engine, hyper-personalized sequencing, omnichannel outreach, and AI

Oracle DBA
Madrid, Spain

For our customer, a major Spanish Financial Services organisation we are looking for a Oracle DBA/ Engineer for a 12 month freelance contract Madrid Based Remote/ Spain based possibleArchitecture & De