• Deliver day-to-day Governance, Risk, and Compliance (GRC) services • Focus on operational execution, coordination, and reporting across compliance, security assurance, and governance activities • Responsible for client audits, evidence gathering, managing compliance tools, supporting security questionnaires • Monitor security controls and facilitate regulatory alignment • Oversee ongoing governance activities throughout the Atmosera client portfolio • Operate within defined service hours (Monday–Friday, 8am–5pm PT)

• Provide customer support across an omni-channel environment, including inbound phone calls, live chats, email, and back-office tickets, ensuring timely and accurate resolution. • Guide users through the PCI-DSS compliance process, delivering clear, step-by-step instructions to maintain regulatory and security standards. • Assist customers in accessing, navigating, and troubleshooting the online platform, ensuring issues are addressed with minimal disruption to operations. • Demonstrate strong analytical and problem-solving skills by leveraging available knowledge bases, tools, and resources to independently resolve complex issues. • Prioritize first-contact resolution by efficiently collecting, verifying, and applying the necessary information to address inquiries. • Proactively identify and communicate opportunities to streamline processes, recommend improvements, or escalate trends that impact efficiency or compliance. • Manage workload effectively and work independently without direct supervision, maintaining accountability for productivity and accuracy. • Handle escalations and difficult conversations with professionalism, focusing on resolution and adherence to company policies. • Ensure all customer interactions are documented thoroughly and accurately in internal systems, following established protocols and compliance requirements. • Consistently achieve or exceed performance metrics, service level standards, and quality expectations across all support channels.

Role Description Frontex's Digital Services Unit (DIG) is reinforcing its capacity to handle personal data protection and privacy compliance across its ICT environment. As GRCE, you'll support Frontex in applying Regulation in practice — turning legal and governance requirements into concrete documentation, processes and follow-up actions across multiple ICT systems, projects and procurements. - Preparing, updating and improving Records of Processing Activities (RoPAs) and Data Protection Impact Assessments (DPIAs) across ICT systems - Drafting and maintaining privacy notices and related data protection documentation - Validating personal data protection documentation against technical reality, working closely with system and technical owners - Analysing and documenting technical arrangements relevant to data protection: access rights, logs/SIEM exports, retention, hosting, data flows, transfers and processor chains - Supporting technical fact-finding for personal data breach incidents (without taking over breach qualification or notification decisions) - Working with incomplete or inconsistent information — distinguishing confirmed facts from assumptions and structuring clear next steps for management follow-up - Tracking actions, gaps and remediation items, and coordinating with system owners, project teams and the Frontex DPO - Providing privacy-by-design input into ICT projects, system changes and procurement files Qualifications - 5+ years of IT-relevant professional experience, including 4+ years in a similar role - At least 5 years of personal data protection compliance experience in an ICT, EU institutional, public-sector or similarly technology-heavy environment - At least 3 years of hands-on experience preparing, updating or reviewing RoPAs, DPIAs, DPAs or TIAs for real systems, including data mapping and validating input from system/technical owners - At least 2 years of experience analysing technical arrangements relevant to data protection (access rights, logs, retention, hosting, transfers, processors) - Excellent understanding of EU data protection legislation, standards and compliance frameworks - Strong stakeholder management and communication skills across technical and non-technical audiences Requirements - Minimum education: Master's degree or equivalent - At least 3 certifications among: CISA, CISM, GSNA, GCCC, ISO 27001 Lead Implementer/Auditor, ISO 27005 Risk Manager, CAP, CRISC, CISSP-ISSMP, GIAC ISO-27000 Specialist (or internationally recognized equivalents) Languages - Fluent English (C1) Work Model - Full remote Location - Europe

• The Compliance Manager is responsible for leading compliance, regulatory oversight, quality assurance, and safety programs across XpresTest operations. • This role serves as the primary resource for ensuring adherence to federal, state, local, airport, and healthcare-related regulations while supporting operational excellence and risk mitigation. • The Compliance Manager partners closely with Operations, Clinical Leadership, Quality Assurance, Human Resources, Legal, Facilities, Information Security, and site leadership to develop, implement, monitor, and continuously improve compliance programs, policies, training, and standard operating procedures. • The position plays a critical role in maintaining regulatory readiness, supporting audits and inspections, promoting workplace safety, and ensuring the consistent delivery of compliant testing services across all locations.