GRC Specialist
2 days ago
**Who we are**:
**AmagisTech** was founded to bring the best **Cybersecurity** solutions, previously the domain of Big Tech, and make them accessible to SMEs.
**Our mission**: democratize digital security and make Italian companies immune to threats, freeing them from the burden of obsolete and insecure IT.
AmagisTech is the platform that anticipates the future. If we succeed, we will become the default solution for securing business in Italy. This is a game-changing goal.
We are looking for people who want more than just a job: they want to build an **exponential career**. We are a strong team, and you will be on the front line. We are at the stage where a great idea becomes a global powerhouse.
**Who We Are Looking For**:
We don't care who you have been, only who you want to become. We are looking for those with the **hunger to learn** and the drive to conquer complexity.
- **You Are Our Clients' Risk Mind**: You will be the focal point for implementing and maintaining standards and regulations for our customers (ISO 27001, DORA, NIS2, etc.).
- **Vanta will become your bread and butter**: Given our strategic relationship for Vanta in Italy, Malta, and Cyprus, you will have access to exclusive resources to implement the best GRC tool on the market.
**Your Mission**:
You will be the architect of our clients' resilience. Your rigor has a direct impact on customer trust and business scalability.
- **Design and Implementation**: Design, implement, and monitor Governance, Risk Management, and Compliance (GRC) Frameworks for us and our customers.
- **Analysis and Mitigation**: Conduct risk assessments, identify operational vulnerabilities, and define effective mitigation plans.
- **Standards and Certifications**: Manage the processes to obtain and maintain critical certifications for our business (e.g., ISO 27001 or SOC2) and ensure regulatory compliance (e.g., DORA or NIS2).
- **Corporate Education**: Lead staff training on security and compliance policies, making the entire company aware and responsible.
**Who You Are**:
You have the ambition and the mindset to reject an insecure or non-compliant status quo.
- **Hunger**: You have 1-3 years of experience in GRC, IT Security, law & technology, or IT Audit (if you have already worked on standards like ISO 27001 or with regulations such as DORA, it's a massive plus). An **analytical, zero-compromise mindset** is mandatory.
- **Want to Make History**: We are in a phase of **building and conquering** extremely high security standards. This is not a quiet job. It's a constant battle for integrity.
- **Impact-Oriented**: You don't just point out a compliance issue. You present the solution and implement it. Your success is measured by the absence of critical risks.
- **Problem Solver, Not Reporter**: You don't just identify a gap. You find a way to **design a process** that closes it permanently.
**What We Offer**:
More than just compensation—a ticket to specialized professional growth.
- **Top Compensation**: **35K** with bonuses tied to achieving compliance and certification goals for our customers.
- **Flexible Model**: You can decide your place of work as long as you hit your KPIs.
- **Accelerated Vertical Growth**: You will witness a Tech Scale-up become an industry leader. You will have access to high-level training and certifications (e.g., CISA, CISSP, Lead Implementer). Here, the learning curve is a **straight line upwards**.
- **Explosive Environment**: We work with extreme rigor, but we celebrate humility and team spirit. We hustle on Frameworks, we laugh about it, and we secure the future together.
**Selection Process: Technical Meritocracy**:
**You must stand out. Technical potential and the drive to deliver are our currency.**
- **Phase 1**: Screening Call (30 minutes)
- **Phase 2**: Written Technical Test (1 hour, asynchronous) - _Focused on GRC Fundamentals._
- **Phase 3**: Technical Interview with the Legal Counsel (45 minutes) - _Showcase your skills._
- **Phase 4**: Cultural & Strategic Fit Interview (30 minutes)