Looking to determine if Criipto is the right match for your team? Contact sales →
Live status
Log in
Test for free Contact us
Test for free Contact us
Live status

Governance, Risk & Compliance Automation Officer

Governance, Risk & Compliance Automation Officer

Apply at the Hub Get in touch

We’re looking for our first dedicated hire for our Trust Center, which we expect to grow rapidly in the coming years. We need someone to build GRC systems, meaning quality systems, document control, and establishing a governance system.

 

We do not expect you to solve everything alone but to figure out the initial steps, scope the work, and keep the entire team up to date on everything compliance.

We have three areas of work for you:

All existing products are to be compliant at the same level as our broker solution

 

We’re currently NSIS and MitID Broker certified and are working towards ISAE 3000 declarations and ISO2700* for our core product. We need everything else in our portfolio to be brought up to the same level and then kept up and developed further.

 

Automation of our compliance processes

 

We need someone who wants to do more than just place x’es on a checklist. We’d like to automate as many of our compliance processes as possible. You must be able to translate compliance controls into a core element of our software’s DNA instead of getting in the way of how we build software. You’ll need to be able to work with Product and turn compliance regimes into software practice.

 

Analyze and make recommendations on new trust regimes

 

We’re looking forward to the new eIDAS2.0 and the ETSI requirements for Trust Services. We need you to help us analyze it and find out what it’ll mean for our software. We imagine someone who enjoys reading regulations and making them usable in the Product Teams’ daily work.

 

A large part of your work will be internal. Our owners, BankID BankAxept, have their own setup that we may align with. You’ll work closely with Marketing on website content and how we write about products and services. You’ll be the go-to person for questions from your colleagues and help raise awareness of GRC and compliance in Criipto.

 

Your background? We don’t know

 

Maybe you’re an accountant, maybe something else. We hope that you have an interest in software and maybe a bit of experience with R, PowerBI, Python, or the like. Perhaps you have already dabbled in automations as a proof of concept.


It would be great if you have experience participating in audits for ISO 27001, ISO 20000, SOC 2, or similar certifications. And for extra points, with D4, Decision Focus, or LinkGRC.

 

You’ll be working closely with our CTO Mikkel Christensen and the Product Team.

We’ve recently been acquired by Norwegian BankID BankAxept and maintain our own brand, office, and strategy as an independent company in our own right. However, we have a shared vision and strategy for the European portfolio of identity and signature products.

 

We’re based in Copenhagen, close to Vesterport.

Our principles: Poka yoke and minimal queuing

 

We work with two principles: poka-yoking and queue theory.

Poka yoke is a Japanese term for mistake-proofing in the design of a product. Simply put, Criipto’s products are designed to prevent misuse and mistakes. That does not happen by making extensive error catching, but by eliminating error categories altogether. That’s what makes our product code clean, simple and almost elegant.

One of the biggest issues today is mental capacity. No matter how good you are, you have a limit to your working memory. Thats why we think in queue theory in the development team. If the backlog keeps piling up, and the team’s workload is always at maximum, efficiency slows.
It’s like a road with heavy traffic. The second someone hits the brakes, there’s a cascading effect behind that car - everything slows down immediately. That’s why our roadmap is never too full, and why we aim to be booked at 50%. That gives us capacity to handle everything from great ideas to customer support on a daily basis. 

We like the concept of Kaizen - where we as a team work at continuous improvements. Both in the product and in the way we work.

Criipto: A simpler way to a safer world

 

At Criipto we are on a quest to make the digital world a safe place to roam. Our mission is to prevent people from having their digital identity stolen or misused. 

Our tools are identity authentications, which can be trusted by users to be safe. They are wrapped in neat and simple solutions, accessible, and easy to use. Our solutions enable our customers to integrate the best available digital identity technologies into their business. As their partner in the process, we monitor that everything is progressing according to plan, while preparing for the future by thinking ahead - in tech, legal and UX.

To succeed we need to be creative and adapt to the ever changing digital world. That is why we pledge to continuously develop our understanding and to map uncharted territory to fuel our construction of a safer digital world. 

Such is the nature of our quest, and that’s exactly how we want it.