Governance risk and compliance expert
Offer summary

(Summary generated by AI based on the full job description)

The project involves building an AI-native GRC platform focused on security compliance and auditing. Key requirements include experience in security compliance operations and audits and hands-on knowledge of SOC 2, ISO 27001, NIST and other GRC frameworks. Responsibilities cover acting as the voice of CISOs and auditors within the team, reviewing requirement-to-control mappings, evaluating model alignment with real GRC practices, and judging the quality of AI in the product.

quick applyyou can start ASAP

Governance risk and compliance expert

Company: MAGNITUDE CLOUD LECH GORLEWICZ

from: 16 July 2026
to: 15 August 2026
salary not specifiedB2B contract (full-time, part time)
Offer parameters
level:senior • expert
working mode:hybrid
location:Gdańsk, Pomeranian
Gdańsk, Pomeranian

Requirements

Operating system

macOS

Our requirements

  • Experience in security compliance operations, including internal or external security compliance audits.
  • Hands-on GRC experience in some of the relevant frameworks (SOC 2, ISO 27001, NIST CSF, NIS2, DORA, GDPR, or others).
  • Great communication skills — much of the role is giving clear, structured feedback and writing down what "good" looks like.

Optional

  • Experience with any GRC platform (Archer, Vanta, ServiceNow, etc.).
  • Experience using and running cybersecurity systems (Wiz, CrowdStrike, etc.).

Your responsibilities

  • Be the voice of CISOs and auditors inside the product team — represent how they actually think and work, so we build what the industry needs
  • Shape the platform direction according to the needs of industry specialists, helping us prioritize what matters most to real compliance teams.
  • Review our framework mapping crosswalks (SOC 2, ISO 27001, NIST) for correctness and defensibility — the mappings between requirements and controls are the credibility of the product, and they have to hold up under scrutiny.
  • Evaluate the design and logic of the system as we build it, telling us where our model matches real GRC practice and where it doesn't.
  • Judge the quality of our AI across different areas

About the project

We're building an AI-native GRC platform, and we're looking for an in-house GRC
expert to shape the development of the system and act as its internal customer
and domain quality bar. In practice, that means you're the person who makes sure
what we build is correct and defensible the way a real auditor or CISO would
judge it. This isn't a role running our own security program — it's about
bringing deep compliance expertise into the product itself, so the tool earns
the trust of the specialists who'll rely on it.

About Us

1CISO is an AI-native GRC platform that helps companies stay on top of their
risk and compliance processes. We're using AI to take the grind out of
compliance while keeping the expert judgment that makes it credible — which is
exactly why this role matters to us. Our R&D team is based in Gdańsk, Poland,
and our target customers are US-based medium-size companies.
Governance risk and compliance expert
I apply to:
MAGNITUDE CLOUD LECH GORLEWICZ
Gdańsk, Pomeranian

Need more information?

  • Make sure the body of the offer doesn’t already include what you’re looking for.
  • Ask a question if you need more information you’re interested in.
  • We’ll forward your question to the employer and aim to provide a response within 3 business days.

Share this offer