Head of Risk and Compliance

Posted 4 Hours Ago
Hiring Remotely in European Union
Remote or Hybrid
Senior level
Information Technology • Software • Consulting
The Role
Lead and evolve the company's Risk & Compliance function: own the company-wide risk register, run annual risk assessments, manage IT security risk, lead incident response, maintain ISO 27001/Cyber Essentials and GDPR compliance across multiple EU entities, monitor emerging EU regulation (NIS2, AI frameworks), manage external relationships, and build a proactive compliance culture while directly advising the COO and C-suite.
Summary Generated by Built In
The company and our mission: 

Zartis is a global AI transformation and technology consulting partner where talented engineers and technologists work on cutting edge innovation. We partner with ambitious organizations to design, build, and scale technology solutions that deliver real impact.

Our teams bring deep expertise in AI driven platforms, secure API architectures, and cloud native engineering. You will work on meaningful projects that accelerate the adoption of advanced technologies, from strategy and discovery through to full product delivery, helping turn complex challenges into measurable outcomes.

With engineering hubs across EMEA and LATAM, and long term partnerships in financial services, healthcare and life sciences, and energy and climate, we offer opportunities to work on projects that truly matter. Here, you will not just build technology, you will drive business impact and grow your career alongside industry leaders.

We are looking for a Head of Risk and Compliance to work on a project in the Tech Company industry.

The project:

We are looking for a Head of Risk & Compliance to lead and evolve our Risk & Compliance function. This is a senior leadership role designed for someone who can own the strategic risk agenda, drive a proactive compliance culture, and provide direct decision-making support to the COO. You will manage an internal R&C team, act as the primary accountable owner across all compliance domains, and bring the technical depth in information security and IT infrastructure that bridges the gap between governance frameworks and real-world implementation. 

What you will do:
  • Own the company-wide risk register: maintain, prioritise, and drive resolution across all risk domains (legal, operational, data, information security).

  • Develop and lead the annual risk assessment cycle; translate outputs into concrete mitigation plans with owners and deadlines.

  • Act as the accountable owner for IT security risk, working with internal technical stakeholders and external providers to ensure vulnerabilities, access controls, and infrastructure risks are identified, assigned, and addressed.

  • Act as the primary escalation point for risk and compliance matters.

  • Design and maintain the governance framework across 8 EU jurisdictions, ensuring policies are current, proportionate, and consistently applied.

  • Lead incident response: own the end-to-end process from detection to resolution, including client notification, root cause analysis, and lessons learned.

  • Own ongoing ISO 27001 and Cyber Essentials certifications and lead future certifications (SOC 2 or equivalent) as the business requires.

  • Lead GDPR compliance across all entities: DPIAs, records of processing, data subject requests, breach management, and DPA relationships.

  • Monitor and interpret emerging EU regulation, including NIS2 and upcoming frameworks, and translate requirements into operational action plans before deadlines.

  • Manage relationships with external legal counsel, auditors, and regulatory bodies.

  • Directly manage the Risk & Compliance Manager and any future hires within the function.

  • Set clear performance expectations; develop the team's capability to operate with minimal escalation.

  • Act as an internal advisor to other business functions such as Business, Operations and Finance.


What you will bring:
  • 7+ years in risk, compliance, or information security roles, with at least 3 in a leadership capacity.

  • Direct ownership of ISO 27001; hands-on experience with GDPR compliance operations across multiple jurisdictions.

  • Track record of building or significantly maturing a compliance function, not just maintaining one.

  • Experience working in a tech, consulting, or professional services environment.

  • Demonstrated ability to engage C-suite and clients on risk topics with clarity and commercial awareness.

 
Nice to have:
  • Exposure to AI governance frameworks or emerging EU regulation in the AI space.

  • Familiarity with multi-entity structures across EU jurisdictions (Spain, Ireland, Portugal, Germany, UK).

 
What we offer: 
  • 100% Remote Work

  • WFH allowance: Monthly payment as financial support for remote working.

  • Career Growth: We have established a career development program accessible to all employees, with 360° feedback that helps us guide you in your career progression.

  • Training: For Tech training at Zartis, you have time allocated during the week at your disposal. You can choose from a variety of options, such as online courses (from Pluralsight and Educative.io, for example), English classes, books, conferences, and events.

  • Mentoring Program: You can become a mentor in Zartis or you can receive mentorship, or both.

  • Zartis Wellbeing Hub (Kara Connect): A platform that provides sessions with a range of specialists, including mental health professionals, nutritionists, physiotherapists, fitness coaches, and webinars with such professionals as well.

  • Multicultural working environment: We organize tech events, webinars, parties, and online team-building games and contests.

Skills Required

  • 7+ years in risk, compliance, or information security roles
  • At least 3 years in a leadership capacity
  • Direct ownership and hands-on experience with ISO 27001
  • Hands-on GDPR compliance operations across multiple jurisdictions (DPIAs, records of processing, breach management)
  • Technical depth in information security and IT infrastructure (vulnerability, access control, infrastructure risk management)
  • Track record building or significantly maturing a compliance function
  • Experience working in a tech, consulting, or professional services environment
  • Ability to engage C-suite and clients on risk topics with commercial awareness
  • Ownership or experience with Cyber Essentials and readiness to lead SOC 2 or equivalent certification efforts
  • Experience leading incident response end-to-end (detection to client notification and lessons learned)
  • Exposure to AI governance frameworks or emerging EU AI regulation
  • Familiarity with multi-entity EU structures (Spain, Ireland, Portugal, Germany, UK)

The Company
HQ: Cork, Ireland
237 Employees
Year Founded: 2009

What We Do

WHO WE ARE: Zartis is a digital solutions provider and Deloitte Fast50 company working across technology consulting, team augmentation and product development. We know good code. And we know tech outsourcing, which can be risky when you don't know who to trust. Deep technical experience and hard-earned know-how are our secret ingredients to help you build game-changing software technology, while avoiding unnecessary time and budget-wasting engineering shortfalls. We pride ourselves on the expertise of our engineers and the quality of the work we deliver. We are a diverse company, with team members drawn from over thirty different nationalities.

WHAT WE DO: Zartis partners with firms across financial services, medtech, media, logistics technology, renewable energy, edtech, e-commerce, and more. Our teams of talented engineers are based across EMEA and LATAM and focus on delivering business success and digital improvement across application development, software architecture, DevOps and CI/CD, business intelligence, QA automation and technology integrations.

OUR EXPERTISE: Zartis engineers are uniquely skilled in a broad array of technologies such as JavaScript/TypeScript (Angular, React, Vue, Node.js), .NET, Java, Python, Scala, Ruby, Go, and cloud-based architectures like AWS, Azure, and GCP. Whether you need expert consulting on improving your existing technology and processes or additional hands-on help with your development, we will adapt our services to best meet your needs.
