We are looking for a Governance, Risk & Compliance (GRC) Expert to join a long-term project with a European public-sector client.

In this role, you will support data protection, privacy, governance, and compliance initiatives across complex ICT environments. You will work closely with business stakeholders, technical teams, architects, and security specialists to ensure compliance with EU data protection legislation and privacy requirements.

This is a fully remote position.

Responsibilities

The ideal candidate will be responsible for:

• Supporting data protection and privacy compliance activities across ICT services and systems
• Conducting and reviewing DPIAs, RoPAs, privacy notices, and related documentation
• Assessing technical and organisational measures related to personal data protection
• Analysing data flows, access controls, retention policies, logging, and third-party processing arrangements
• Identifying compliance gaps and recommending corrective actions
• Supporting governance frameworks, policies, procedures, and awareness activities
• Collaborating with business, legal, security, and technical stakeholders

Requirements

To excel in this role, you'll need:

• At least 5 years of relevant IT professional experience
• At least 4 years of experience in a similar GRC, privacy, or compliance role
• Master's degree (EQF Level 7) in a relevant discipline
• At least 3 recognised certifications such as CISA, CISM, CRISC, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, ISO 27005 Risk Manager, CAP, CISSP-ISSMP, GIAC certifications, or equivalent
• English at C1 level (CEFR) or higher
• Technical Skills
• Strong knowledge of EU data protection legislation and privacy frameworks
• Experience with DPIAs, RoPAs, Data Processing Agreements (DPAs), Transfer Impact Assessments (TIAs), and privacy documentation
• Understanding of ICT environments, system ownership, and data processing roles
• Experience analysing technical arrangements related to personal data protection, including access controls, logging, retention, hosting, and data flows
• Knowledge of governance, risk management, and compliance methodologies
• Ability to assess and document compliance requirements in complex technology environments

Personal Skills

• Excellent communication and stakeholder management skills
• Strong analytical and problem-solving abilities
• Ability to work with incomplete or conflicting information and identify gaps
• Strong documentation and reporting skills
• Ability to explain privacy and compliance concepts to both technical and non-technical audiences

Please note that this role is only available to freelance/self-employed contractors. The initial contract duration is 12 months, with the possibility of extension for up to 48 months. Applicants must hold citizenship of an EU member state.

If you find our proposal interesting and you meet the above requirements for the position, please don't hesitate to apply.

All applications will be treated strictly confidential.

About Comstream:

Comstream is a dynamic and growing organization with approximately 80 employees. We specialize in connecting top IT talent with ambitious growth companies, while also delivering outstanding customer support across a wide range of industries. In addition, we proudly develop and continuously improve our proprietary SaaS platform, Jobshark, designed for tech recruitment and freelancing.

Over the past few years, we’ve achieved significant growth — and we’re just getting started. If you're looking to join an international company with a welcoming welcoming, Scandinavian-inspired culture, Comstream could be the perfect fit. We’re committed to your professional development and offer an environment where you’re empowered to thrive.

At Comstream, teamwork is the foundation of everything we do. We foster a culture where every voice is heard, and where collaboration, freedom, and empowerment aren’t just values — they shape the way we work every day. Here, you’ll have the opportunity to make a meaningful impact.

For more information, please visit: www.comstream.eu