IT Compliance Officer

About Nebius AI 

Launched in November 2023, the Nebius AI platform provides high-end infrastructure and tools for training, fine-tuning and inference. Based in Europe with a global footprint we aspire to become the leading AI cloud for AI practitonerts around the world.

Nebius is built around the talents of more than 500 highly skilled engineers with a proven track record in developing sophisticated cloud and ML solutions and designing cutting-edge hardware. This allows all the layers of the Nebius AI cloud – from hardware to UI – to be built in-house, clearly differentiating Nebius from the majority of specialized clouds: Nebius customers get a true hyperscaler-cloud experience tailored for AI practitioners.

As an NVIDIA preferred cloud service provider, Nebius offers the latest NVIDIA GPUs including H100, L40S, with H200 and Blackwell chips coming soon.

Nebius owns a data center in Finland, built from the ground up by the company’s R&D team. We are expanding our infrastructure and plan to add new colocation data centers in Europe and North America already this year, and to build several greenfield DCs in the near future.

Our Finnish data center is home to ISEG, the most powerful commercially available supercomputer in Europe and the 19th most powerful globally (Top 500 list, June 2024). It also epitomizes our commitment to sustainability, with energy efficiency levels significantly above the global average and an innovative system that recovers waste heat to warm 2,000 residential buildings in the nearby town of Mäntsälä.

Nebius is headquartered in Amsterdam, Netherlands, with R&D and commercial hubs across North America, Europe and Israel.

The role

We are seeking an experienced IT Compliance professional specialising in IT Controls and Governance, SOx, and Audit Management.

This position is integral to our Governance, Risk, and Compliance (GRC) team and involves close work with IT and business leaders, as well as our Internal Audit & Internal Control team.

You have the flexibility to work from our Amsterdam office, in a hybrid capacity or remotely.

Your responsibilities will include: 

• Collaborate with IT and business units to design, implement, and enhance controls within the company-wide control framework.
• Lead the preparation of Platform and IT Corporate Services for the annual SOx audit program, manage audit coordination efforts and represent IT and Business perspectives in various subject matters.
• Maintain and monitor the control framework to manage risk, ensuring unification and compliance with SOx, SOC-2, ISO and other standards.
• Deliver tangible results by streamlining processes like incident management, access management etc.
• Conduct due diligence across various security related processes, make corrections and propose appropriate amendments.
• Connect business processes to technology processes and controls by identifying IT dependencies (IPEs) to ensure risk management through adequate controls.
• Propose risk mitigation actions and remediation plans, offering both general and technical guidance to prevent future issues and defining necessary controls.
• Align IT processes and general controls (ITGCs) with the control framework, including assessing service organisation controls (SOC reports).
• Ensure compliance with IT Risk & Security policies and regulations.
• Oversee the performance of IT controls across the business to ensure timely and effective execution.

We expect you to have: 

• Master’s degree in Computer Science or Information Systems, with certifications such as CISA or CISM.
• Background in audit or internal control, with a preference for client-side experience in addition to consultancy.
• Hands-on experience with integrated IT/Business SOx frameworks, COBIT, SOC-1/2, ISO 27001 programs, and familiarity with control procedures, evaluation, automation, monitoring, testing, evidence collection and remediation activities.
• Advanced understanding of internal controls, with a proven ability to interpret complex issues, assess risks
• Experience with cloud technology companies is highly desirable.
• Knowledge of DevOps and Kubernetes.
• Strong stakeholder engagement skills, especially with control/process owners and auditors.
• Ability to work independently in a dynamic environment with a hands-on approach.
• Ability to understand complex issues with the context, identify key controls and facilitate discussions with senior management.
• Experience with Oracle Netsuite (experience with Hibob and Cobase is a plus).
• Proficiency in English. 

We’re growing and expanding our products every day. If you’re up to the challenge and are excited about AI and ML as much as we are, join us!