Senior GRC Specialist

The Mill Adventure is a scale-up with the ultimate mission of building awesome products that will change the way the iGaming industry operates. We started our journey in 2019 with the vision of building a technology driven organisation and creating a team consisting of the best of the best specialists in their respective fields.

Today we provide a complete gaming platform including licences and operations for rapid deployment and success in iGaming. Our team of 130 technology and iGaming experts is guided by passion for invention operational excellence and commitment to improve the inefficient.

We trust and value our team and we strive to accommodate the right working conditions for each individual in remote office based or mixed models. We see the strength in being different and embrace the cultural diversity existing in our group.

As our business continues to grow we are looking for a highly autonomous and experienced Senior GRC Specialist. In this role you will not just maintain our GRC functionyou will own it. Working closely with our CISO and security engineering team you will be responsible for defining the road ahead: identifying our gaps selecting the right frameworks and taking full responsibility for our governance risk and compliance posture. We need a mature professional who knows how to listen to engineering teams build pragmatic policies and drive security without being a roadblock.

Tasks

What You Will Do:

• Establish the GRC Roadmap: Assess our current environment identify gaps and design a clear actionable GRC roadmap aligned with our business goals. You tell us what we are missing and how to fix it.
• Act as a Business Enabler: Eradicate the security as a blocker mentality. Partner actively with product and engineering teams during the design phases to find secure paths to yes ensuring our governance supports business velocity rather than slowing it down.
• Lead Framework Implementation: Take full responsibility for managing and maturing our ISO 27001:2022 certification. Drive compliance initiatives for PCI DSS and prepare our posture for NIS2 requirements.
• Drive Risk Management: Autonomously select and implement the most appropriate risk management frameworks. Own the risk register lead risk assessments and translate complex technical risks into clear business impacts and mitigation strategies.
• Design Business-Aligned Governance: Design write and enforce information security policies and standards. Actively solicit feedback from engineering and business teams to ensure policies are practical and business-enabling.
• Champion Security Culture: Own and evolve our security awareness program. Move us beyond boring check-the-box compliance videos by creating engaging context-aware training that actually resonates with engineers product teams and business operations.
• Lead Audits & Compliance: Take the helm on all internal and external security-focused audits assessments and reviews. Act as the definitive subject matter expert for regulatory inquiries.

Requirements

Youll be a great fit if you have:

• 58 years of dedicated experience in Cyber GRC Information Security or Technology Risk.
• Framework Expertise: Demonstrated hands-on experience implementing and managing ISO 27001:2022 (mandatory). Deep knowledge of PCI DSS and familiarity with NIS2 is highly desirable.
• iGaming Experience is a Strong Plus: A deep understanding of the technology-led highly regulated iGaming environment is highly desirable. (If you dont have this proven experience in similarly complex fast-paced and regulated sectors like fintech SaaS or payments is a great substitute).
• An Enabler Mindset: The commercial awareness to understand that security exists to protect the business not to halt it. You excel at finding pragmatic secure workarounds rather than just throwing up red tape.
• Strategic & Autonomous Execution: You dont need a checklist; you create the checklist. You have a track record of building or significantly maturing GRC functions from the ground up.
• Mature Judgment: You possess the emotional intelligence to work alongside highly technical teams. You leave your ego at the door listen to feedback and focus on collaborative problem-solving.
• Exceptional Communication: Strong analytical risk assessment and documentation skills with the ability to articulate complex security concepts to both engineers and executive leadership.
• Alignment with our Values: High integrity ownership transparency and a continuous drive for performance and improvement.

Benefits

• A lean focused company offering a flexible working environment
• The opportunity to work with and learn form a highly skilled talented team
• A great company culture where accountability is innate transparency is key and competency is virtue
• Being part of a small tight knit caring community
• Work equipment of your choice
• Private health insurance
• Learning budget
• Fitness benefit
• Parking/transport or co-working allowance
• Company wide and team based get togethers