Alert: We are aware of a fraudulent email approach to some clients to change our bank details. Please note our bank details remain unchanged. If you’ve received any suspicious communication, please contact us directly.

Submit a VacancyUpload Your CVGet in Touch iconGet in Touch
SubBanner banner image

Governance, Risk & Compliance Specialist

Basel-Stadt, Switzerland

Apply by 7 Feb 2026

Competitive

Job Ref.: BH-56506

Apply Now
Share Job
Consultant
Nadine Zinovyeva image
Nadine Zinovyeva
Senior Managing Consultant

Job Description

Governance, Risk & Compliance Specialist
 
Support global IT and compliance objectives by managing cybersecurity governance, risk, and compliance processes. This position ensures adherence to regulatory requirements (such as GxP, GDPR, ISO 27001, and NIST) and oversees exceptions management and workflow automation to maintain a secure and compliant IT environment.
 
Responsibilities:
  • Governance & Policy Management:
    • Maintain and update cybersecurity policies, standards, and procedures aligned with ISO 27001, NIST, and GxP requirements.
    • Ensure IT governance processes support business and regulatory objectives.
  • Risk & Compliance:
    • Conduct IT risk assessments and maintain risk registers.
    • Monitor compliance with data protection laws and internal security policies.
    • Prepare for and support internal/external audits (regulatory and customer).
  • Exceptions Management:
    • Manage policy exceptions lifecycle: request, approval, tracking, and expiration.
    • Assess risk impact of exceptions and ensure mitigation plans are in place.
  • Workflow & Automation:
    • Design and optimize workflows for compliance tasks (risk assessments, audits, incident handling).
    • Implement automation in GRC tools (e.g., ServiceNow, Archer) for exception handling and reporting.
  • Metrics & Reporting:
    • Track and report Key Risk Indicators (KRIs) and compliance metrics.
    • Provide dashboards and reports to management for decision-making.
Qualifications:
  • Bachelor’s degree in Information Security, IT, or related field
  • 2–4 years of experience in GRC or cybersecurity compliance, preferably in pharmaceutical industry
  • Knowledge of frameworks: ISO 27001, NIST CSF, GDPR, GxP
  • Familiarity with GRC platforms (ServiceNow, Archer) and workflow automation
  • Certifications (preferred): CISM, CISA, CISSP, ISO 27001 Implementer
  • Microsoft Certified: Azure Security
  • Strong analytical, communication, and stakeholder management skills
  • Ability and eligibility to work in Switzerland (hybrid set-up)
 
Sounds interesting? Please apply by submitting your CV and relevant documents.
APPLY NOW

Recent Jobs.

Senior Network Engineer
Basel-Stadt, Switzerland

Senior Network Engineer for a leading international financial institution in Basel, and your profile caught my attention. I’d love to discuss this opportunity with you in more detail. Key skill: Cisco

Group Finance Director – International Litigation Finance & Family Office
Switzerland

Gruppen-Finanzdirektor – Internationales Litigation Finance & Family Office Standort: Zürich, Schweiz Sprachen: Deutsch und Englisch (fliessend) Über die Position Unser Kunde in Zürich sucht eine er

Business Analyst - HR Suite
Zuerich, Switzerland

Business Analyst/in HR-Suite (80–100%) Startdatum: 01.02.2025 Vertragsdauer: bis 31.12.2026 Einsatzort: Zürich Projektbeschreibung: Sie arbeiten eng mit HR-Fachvertretern, diversen Stakeholdern und