Information Security Governance & Compliance Manager (GRC / ISMS)

In this role, you will own the governance, compliance, and control framework for information security, ensuring that our Information Security Management System (ISMS) and related processes remain aligned with applicable technical and organizational security requirements, industry standards, and internal policies.

You will work closely with Legal and Compliance, Product, Engineering, and other relevant teams to translate regulatory and standard requirements into practical, scalable information security controls and documentation.

• Maintain and continuously improve the Information Security Management System (ISMS), including procedures, guidelines, and control documentation
• Ensure ISMS documentation is kept up to date in line with business changes, certification cycles, and evolving information security requirements
• Lead and coordinate the information security stream of certification and assurance activities (ISO 27001, SOC 2, and related standards)
• Participate in internal and external audits, coordinate evidence collection, and support successful certification outcomes
• Support the implementation of regulatory and industry requirements related to information security controls, in cooperation with Legal & Compliance
• Coordinate the implementation and maintenance of technical and organizational measures (TOMs) related to data protection, working with Engineering, Product, and Legal & Compliance
• Participate in security and data-related incident investigations from an information security governance and controls perspective
• Act as the primary point of contact for information security compliance topics with internal stakeholders and external auditors
• Identify gaps, risks, and improvement opportunities within the information security compliance framework
• Promote best practices, automation, and efficiency across GRC and ISMS documentation processes

• 3+ years of experience in information security governance, GRC, ISMS, or security compliance
• Hands-on experience managing ISMS documentation and information security compliance processes
• Strong knowledge of ISO 27001, SOC 2, and information security governance frameworks
• Experience supporting data protection requirements through technical and organizational security controls
• Practical experience participating in audits, certifications, and compliance initiatives
• Ability to translate regulatory and standard requirements into clear, actionable security controls
• Strong communication and stakeholder coordination skills
• Experience working in regulated and/or multi-jurisdictional environments

• ISO 27001 Lead Implementer or Lead Auditor certification
• CISM certification
• CIPM certification (advantage)
• Experience with GRC platforms or privacy management tools
• Background in betting, gaming, fintech, or financial services
• Exposure to vendor risk assessments or regulatory audits
• Ability to work on-site in Riga, Budva, or Barcelona

#Possible Relocation

• Comprehensive Health Insurance Prioritizing your well-being with thorough health coverage
• 100% Paid Sick Leave Rest easy knowing youre supported during unexpected health challenges
• Continuous Learning & Growth Access extra education opportunities to keep your career advancing
• Generous Paid Time Off Recharge with 20 paid vacation days, plus additional 6 days off to support you during any important family event or celebration
• Diverse & Dynamic Team Join a vibrant, international team passionate about excellence in product development
• Language Development Tailored language courses to help you excel in a multilingual work environment
• Exciting Corporate Events & Team-Building Embrace your adventurous side with fun team activities
• Top-Quality Equipment Boost productivity with the latest hardware for your role
• Welfare Program Feel secure with financial support available in critical situations
• Celebrating Milestones We honor lifes big moments, from marriage to parenthood, with thoughtful gifts

This position allows for remote or on-site work from one of our offices in Riga, Budva, or Barcelona.