Your impact
We are looking for a professional who bridges the gap between rigorous legal excellence and the strategic agility of a risk manager. This is a strategic position requiring a deep integration of regulatory compliance and commercial acumen. This role is designed for a proactive specialist who can operate within a highly regulated environment and address complex legal challenges across diverse business units.
Responsibilities
- Ensuring and supervising compliance with national, European, international, internal, and industry standards
- Performing risk assessment processes and supervising risk management in the company
- Overseeing company policies and procedures, ensuring all policies are cohesive, updated, effectively communicated, and executed
- Acting as a guardian of our standards by conducting internal audits and identifying gaps to implement corrective actions
- Navigating the complex documentation required for meeting compliance with AI and data protection legislation and standards
- Managing the vendor risk assessment process
- Providing vital support to the commercial team during contract negotiations, ensuring our commercial agreements align with our compliance standards, and legally supporting the commercial team in their day-to-day work
- Partnering closely with People & Culture on policy alignment, contracts, and compliance-related topics
- Handling other legal matters that appear in the company's day-to-day work
Role Requirements
- Legal foundation - you hold a degree in Law and have at least 5 years of experience either in a law firm specializing in new technologies or as an in-house legal counsel (or equivalent)
- Experience in the compliance area - you can demonstrate education and/or experience in working with Compliance and Risk Management topics
- Experience in SaaS or other contracts in the AI environment
- Hands‑on experience with ISO standards (while we highly value ISO 31000 (Risk Management), experience with ISO 27001, 42001, 9001, or 13485 is a strong plus)
- Experience as an internal auditor or a clear understanding of audit methodologies is essential
- C1 or higher level of proficiency in English (legal English included) and the capability to negotiate complex contracts and draft precise documentation for international stakeholders
- Business acumen - you understand that compliance is an enabler for business, and you know how to balance "by-the-book" requirements with the operational needs of the tech company
- Proactive mindset - you don't wait for instructions when you see a potential risk; you are a self-starter who enjoys building processes from the ground up
Nice to have
- Familiarity with medical device regulations (MDR) or specific healthtech regulatory frameworks