GRC & Client Assurance Manager

Join beqom — where tech meets impact

beqom is a high-growth B2B SaaS company that provides industry-leading tools for pay equity and transparency, compensation, and performance management.

Trusted by some of the world’s most respected companies, beqom enables HR and business leaders to navigate global compliance and make smarter pay decisions that attract, retain, and motivate top talent.

Founded in Switzerland and serving clients worldwide, our powerful, enterprise-ready products are fuelled by beqom pay intelligence.

Role Overview

We are looking for an experienced and pragmatic GRC Manager to build, own, and continuously strengthen beqom’s governance, risk, and compliance function. This role will ensure that beqom operates with a robust, scalable, and commercially effective GRC framework across our international footprint — while meeting the expectations of enterprise customers in highly regulated sectors, including banking and financial services.

Reporting to the Head of Legal, you will own the company’s compliance governance model, working closely with Legal, Security, Product, Engineering, Finance, People, and Go-to-Market teams. The role combines strategic ownership with hands-on execution, and will be central to reinforcing trust with customers, partners, auditors, and other external stakeholders.

What you'll be doing

Compliance Strategy & Governance

• Design, implement, and evolve the company’s global compliance framework across all relevant jurisdictions.
• Establish and maintain policies, standards, controls, governance forums, and reporting routines.
• Lead enterprise-wide compliance risk assessments and maintain the compliance risk register.
• Define monitoring, testing, and issue-management processes to identify, escalate, and remediate compliance gaps.
• Provide regular reporting to the Head of Legal and executive team on compliance risks, incidents, trends, and remediation progress.

Privacy & Regulatory Compliance

• Oversee the company’s compliance approach to data protection and privacy requirements — including GDPR and other applicable privacy obligations — in partnership with Legal and Security.
• Ensure the organisation can demonstrate accountability through proportionate documentation, reporting, and governance.
• Support regulatory-readiness activities and coordinate external inquiries where relevant.

Customer & Partner Assurance

• Act as the senior GRC lead for customer due diligence, regulated-sector questionnaires, control reviews, and audit requests.
• Support strategic deals by addressing compliance, governance, and assurance requirements from enterprise customers, especially in banking and other regulated sectors.
• Partner with Sales, Solution Advisory, Security, and Legal to strengthen trust materials and compliance positioning.

Third-Party Risk & Resilience

• Build and oversee the compliance aspects of third-party risk management — including vendor assessments, subprocessors, outsourcing controls, and ongoing monitoring.
• Ensure the company’s control environment supports the expectations of financial-services clients regarding resilience, oversight, and risk management.
• Partner with Security and Operations on incident governance, escalation, and post-incident remediation tracking.

Controls, Certifications & Audit

• Oversee GRC readiness for external assurance frameworks and certifications, including SOC 2, ISO 27001, and related control programmes.
• Coordinate internal and external audits and ensure effective follow-through on findings and corrective actions.
• Maintain evidence, documentation, and policy governance required to support customer and audit assurance.

Business Partnership & Enablement

• Provide compliance input into new products, AI-related use cases, commercial initiatives, customer contracts, and market expansion plans.
• Deliver practical training and awareness programmes to embed a strong culture of compliance and accountability.
• Advise leaders on how to balance compliance rigour with operational scalability and business growth.

Skills & Experience

What you'll bring

• Demonstrated success building or scaling a compliance or GRC function in an international company.
• Proven experience in both a leadership GRC, compliance, risk, governance, or regulatory assurance role.
• Experience in a B2B SaaS, fintech, regtech, payments, or other technology environment serving regulated customers.
  
• Strong working knowledge of privacy, control frameworks, policy governance, audit coordination, and third-party risk management.
• Experience supporting enterprise customer due diligence and audits.
• Strong judgement and stakeholder management skills — comfortable engaging at senior and executive level.
• Ability to operate strategically while remaining hands-on.

Bonus points if you have

• Experience working with banking, financial-services, or insurance-sector customers.
• Familiarity with DORA, EBA outsourcing expectations, or equivalent financial-sector third-party governance requirements.
• Experience with SOC 2, ISO 27001, and related assurance frameworks.
• Experience across both Europe and the US.
• Relevant certifications such as CIPP/E, CRISC, CRCM, CISSP, or ISO 27001-related credentials.

Why join us?

• Your career, your design. Unleash your ambition in our dynamic, autonomous environment.
• Drive meaningful change. Build a fairer future for every employee by joining a market leader that is improving the world of work.
• Belong to something bigger. Collaborate with a passionate, diverse and talented team around the globe.