• Lead end-to-end administration of health, welfare, and retirement programs, including plan management, renewals, and ongoing operations. • Manage and execute the annual Open Enrollment process, including system setup, employee communications, education, and reconciliation. • Administer 401(k) and retirement programs, including enrollments, contributions, vendor coordination, and audit support. • Partner with brokers and vendors to evaluate plan performance, resolve escalations, and recommend enhancements to offerings. • Ensure compliance with federal, state, and company requirements related to benefits, leave, and employee records (e.g., ERISA, ACA, HIPAA, ADA, FMLA, COBRA). • Conduct and support compliance audits, including I-9 audits, employee file reviews, and benefits-related reporting requirements. • Manage required regulatory filings, notices, and documentation associated with employee benefits programs. • Oversee administration of leave programs, including FMLA, state leaves, and company policies, ensuring compliance and a positive employee experience. • Serve as the primary point of contact for employee benefits inquiries, providing guidance on plan options, eligibility, and issue resolution. • Support onboarding and offboarding processes with a focus on benefits enrollment, transitions, and eligibility. • Drive continuous improvement of benefits processes, documentation, and workflows to increase efficiency and scalability. • Support HRIS-related initiatives and system integrations (e.g., ADP), ensuring accuracy and process consistency. • Manage employment verifications and maintain strict confidentiality of sensitive employee data. • Collaborate with HR, Finance, Legal, and external vendors to support benefits strategy and compliance initiatives. • Provide insights and reporting to leadership on benefits trends, utilization, and compliance risks.

• Deliver day-to-day Governance, Risk, and Compliance (GRC) services • Focus on operational execution, coordination, and reporting across compliance, security assurance, and governance activities • Responsible for client audits, evidence gathering, managing compliance tools, supporting security questionnaires • Monitor security controls and facilitate regulatory alignment • Oversee ongoing governance activities throughout the Atmosera client portfolio • Operate within defined service hours (Monday–Friday, 8am–5pm PT)

• Provide customer support across an omni-channel environment, including inbound phone calls, live chats, email, and back-office tickets, ensuring timely and accurate resolution. • Guide users through the PCI-DSS compliance process, delivering clear, step-by-step instructions to maintain regulatory and security standards. • Assist customers in accessing, navigating, and troubleshooting the online platform, ensuring issues are addressed with minimal disruption to operations. • Demonstrate strong analytical and problem-solving skills by leveraging available knowledge bases, tools, and resources to independently resolve complex issues. • Prioritize first-contact resolution by efficiently collecting, verifying, and applying the necessary information to address inquiries. • Proactively identify and communicate opportunities to streamline processes, recommend improvements, or escalate trends that impact efficiency or compliance. • Manage workload effectively and work independently without direct supervision, maintaining accountability for productivity and accuracy. • Handle escalations and difficult conversations with professionalism, focusing on resolution and adherence to company policies. • Ensure all customer interactions are documented thoroughly and accurately in internal systems, following established protocols and compliance requirements. • Consistently achieve or exceed performance metrics, service level standards, and quality expectations across all support channels.

Role Description Frontex's Digital Services Unit (DIG) is reinforcing its capacity to handle personal data protection and privacy compliance across its ICT environment. As GRCE, you'll support Frontex in applying Regulation in practice — turning legal and governance requirements into concrete documentation, processes and follow-up actions across multiple ICT systems, projects and procurements. - Preparing, updating and improving Records of Processing Activities (RoPAs) and Data Protection Impact Assessments (DPIAs) across ICT systems - Drafting and maintaining privacy notices and related data protection documentation - Validating personal data protection documentation against technical reality, working closely with system and technical owners - Analysing and documenting technical arrangements relevant to data protection: access rights, logs/SIEM exports, retention, hosting, data flows, transfers and processor chains - Supporting technical fact-finding for personal data breach incidents (without taking over breach qualification or notification decisions) - Working with incomplete or inconsistent information — distinguishing confirmed facts from assumptions and structuring clear next steps for management follow-up - Tracking actions, gaps and remediation items, and coordinating with system owners, project teams and the Frontex DPO - Providing privacy-by-design input into ICT projects, system changes and procurement files Qualifications - 5+ years of IT-relevant professional experience, including 4+ years in a similar role - At least 5 years of personal data protection compliance experience in an ICT, EU institutional, public-sector or similarly technology-heavy environment - At least 3 years of hands-on experience preparing, updating or reviewing RoPAs, DPIAs, DPAs or TIAs for real systems, including data mapping and validating input from system/technical owners - At least 2 years of experience analysing technical arrangements relevant to data protection (access rights, logs, retention, hosting, transfers, processors) - Excellent understanding of EU data protection legislation, standards and compliance frameworks - Strong stakeholder management and communication skills across technical and non-technical audiences Requirements - Minimum education: Master's degree or equivalent - At least 3 certifications among: CISA, CISM, GSNA, GCCC, ISO 27001 Lead Implementer/Auditor, ISO 27005 Risk Manager, CAP, CRISC, CISSP-ISSMP, GIAC ISO-27000 Specialist (or internationally recognized equivalents) Languages - Fluent English (C1) Work Model - Full remote Location - Europe