Risk Officer
As a Risk Officer at Cerrix, you will play a pivotal role in safeguarding our operations and enabling sustained innovation within our GRC (Governance, Risk, Compliance) SaaS environment. You will manage our current compliance certifications (ISO 27001, ISAE 3402) and lead our transition toward SOC 2 Type II, acting as a trusted partner for both internal stakeholders and external auditors.
We’re in an exciting phase of growth and digital transformation. Our team values collaboration, clarity, and customer-centricity—ensuring we deliver robust and intuitive risk solutions. If you’re looking to grow with a dynamic, forward-thinking organization, this is the opportunity for you!
Here’s what you’ll do:
- Manage and maintain our Information Security Management System (ISMS) in accordance with ISO 27001.
- Oversee internal control frameworks aligned with ISAE 3402, ensuring compliance and readiness for external audits.
- Drive the implementation and successful audit of SOC 2 Type II, coordinating cross-functional readiness.
- Conduct risk assessments, gap analyses, and mitigation planning (including maintaining and updating a risk register).
- Serve as the point of contact for external auditors and compliance officers during audit processes.
- Advise management on risk exposure, audit findings, and necessary corrective measures.
- Develop and update risk and security policies, awareness programs, and training initiatives.
- Translate technical controls and compliance requirements into practical guidance for non-technical stakeholders.
Does this sound like you?
- 1+ years of experience in risk, compliance, internal audit, or a related role—preferably in a SaaS, tech, or heavily regulated environment.
- Strong knowledge of and experience with one or more risk and control frameworks (e.g., ISO 27001, ISAE 3402, SOC 2); familiarity with COSO, COBIT, or NIST is a plus.
- Comfortable working with auditors and guiding teams through certification and compliance processes.
- Excellent communication skills—able to explain risk concepts clearly to both technical and non-technical audiences.
- Self-driven, organized, and proactive, with a continuous improvement and solutions-focused mindset.
- Fluent in English; Dutch proficiency is a plus.
What we offer you
- Learning and development opportunities to grow your expertise.
- Fun teambuilding initiatives, social and sports activities.
- Being surrounded by an all‑star team with a unicorn dream.
- Work in an inspiring, fast‑growing, international environment.
- Competitive salary and benefits to support your well‑being and growth, including:
  - Ergonomics Voucher – Upgrade your home office for optimal productivity.
  - Quarterly Mental Health Days – Take a fully paid day off each quarter to rest and recharge.
  - Learning & Development Budget – Receive an annual budget (e.g., €500+) for professional certifications or training.
  - Flexible Work Location – Go to the office two days per week, with occasional “workations” from inspiring places.
At CERRIX, we believe in the power of diversity and innovation, valuing each team member’s unique perspective to drive our success. As we grow, we’re looking for driven professionals who are passionate about making a real difference.
About Us
Founded in 2014, CERRIX provides software services for Governance, Risk, and Compliance. The platform offers fully integrated functionality for Business Process Management, Risk and Compliance Management, and Audit. Its action-oriented features support the risk management process, complemented by automatic integrations with other systems. CERRIX is valued for its strong user-friendliness, flexibility, and swift implementations.