
201 - 500 employees
Founded 2002
🤖 Artificial Intelligence
🛍️ eCommerce
Artificial Intelligence • eCommerce • Customer Service
Omilia is a leader in Conversational AI, specializing in voice and chat solutions that enable natural, end-to-end customer interactions. Their Omilia Cloud Platform provides advanced AI-driven customer service tools, including real-time agent assistance, voice biometrics for fraud prevention, and data analytics to enhance customer insights. Serving industries such as finance, insurance, retail, automotive, and travel, Omilia focuses on automating customer service while ensuring a secure and personalized experience.
🔥 0 minutes ago
Improve your chances of getting an interview by checking your resume score before you apply.

201 - 500 employees
Founded 2002
🤖 Artificial Intelligence
🛍️ eCommerce
Artificial Intelligence • eCommerce • Customer Service
Omilia is a leader in Conversational AI, specializing in voice and chat solutions that enable natural, end-to-end customer interactions. Their Omilia Cloud Platform provides advanced AI-driven customer service tools, including real-time agent assistance, voice biometrics for fraud prevention, and data analytics to enhance customer insights. Serving industries such as finance, insurance, retail, automotive, and travel, Omilia focuses on automating customer service while ensuring a secure and personalized experience.
• Own the full lifecycle of ISO 27001, SOC 2 Type II, C5, PCI-DSS, and Cyber Essentials certifications: scoping, evidence library, audit coordination, management responses, and remediation tracking. • Own the GDPR operational compliance framework: DPIA process, LIA and TIA governance, RoPA maintenance, breach response documentation, and cross-border transfer mechanisms in collaboration with the DPO. • Maintain active compliance frameworks for DORA, NIS2, HIPAA, CCPA/CPRA, and the EU Data Act, maintaining current obligation tracking and client assurance artefacts. • Own breach and incident response governance end to end: process, regulatory notification decision support, Art. 33/34 documentation, and the regulatory notification register. • Drive control owner accountability without direct authority: translate regulatory obligation into business consequence, manage evidence deadlines, escalate where necessary. • Manage the ISMS evidence library, own the certification body relationship for ISO 27001 and C5. • Coordinate SOC 2 Type II readiness: TSC scoping, evidence collection, auditor engagement, report distribution, and management response drafting. • Maintain the RoPA, conduct DPIAs and LIAs, and manage data subject rights governance under GDPR. • Track and implement obligations under DORA, NIS2, HIPAA, CCPA/CPRA, EU Data Act, and Cyber Resilience Act as live regulatory requirements, not awareness items. • Coordinate BAA execution and PHI obligation documentation with Legal for healthcare accounts. • Run the compliance deliverable tracker; close loops on evidence collection without being managed. • Translate regulatory obligations into plain-language business impact and secure timely responses from technical and product stakeholders who do not report to this role. • Manage the end-to-end coordination of client compliance audits: evidence packs, management responses, findings remediation. • Maintain and administer the GRC automation platform, including uploading evidence and monitoring control status.
• 4 to 8 years in the GRC field, with the majority in regulated B2B technology or SaaS environments. • ISO 27001 Lead Auditor or Lead Implementer credential (mandatory). • Demonstrated end-to-end SOC 2 Type II ownership: scoping, evidence coordination, auditor management, and management response, not just participation. • GDPR practitioner depth: DPIA, RoPA, data subject rights, cross-border transfer mechanisms (SCCs, BCRs). Not a legal role, but Regulation-level fluency is required. • Active working knowledge of DORA and NIS2 as live compliance obligations; familiarity with HIPAA BAA coordination and US state privacy law tracking (CCPA/CPRA) is a strong advantage. • Experience with a GRC automation platform at an operational level, not just as a user. • Soft and Behavioural Skills • Runs a personal compliance tracker, closes loops independently, and does not require follow-up to meet deadlines. • Translates regulatory obligation into business consequence in plain language and drives timely response from technical teams and product stakeholders without formal authority. • Treats business pushback as the beginning of a process, not the end: documents, escalates, and tracks to resolution. • Comfortable being the compliance practitioner in the room during an audit: composed, prepared, and accountable for management responses. • Operates with minimal supervision in a small, high-output team where there is no large department to absorb operational errors or deadline slippage.
• Fixed compensation; • Long-term employment with the working days vacation; • Development in professional growth (courses, training, etc); • Being part of successful cutting-edge technology products that are making a global impact in the service industry; • Proficient and fun-to-work-with colleagues; • Apple gear.
Apply Now