Compliance Legal Counsel

We’re looking for a dedicated **Compliance Legal Counsel** to join our Compliance team in the Legal department to help us navigate this dynamic landscape, ensuring our operations are secure, resilient, and trustworthy for the millions of customers who rely on us. Join us now

**Why MailerLite?**:
Wondering why we think you’ll love working for MailerLite? Here are our favorite 6 reasons
- **
You'll be our compliance partner, acting as the bridge between the Compliance team and the rest of the company**
As a member of the Legal Department, you will collaborate closely with the Legal team, support responses to client inquiries, effectively communicate ISO/IEC 27001:2022 requirements, and collaborate with other departments to implement them in a practical, business-friendly way.
- ** You'll grow, develop and evolve**
As part of a team that's always looking for new, innovative ways to offer value to customers, you'll constantly be experimenting, learning, and trying out new things.
- ** You'll take ownership**
We expect you to take full responsibility and ownership of your tasks. Team leads avoid micromanaging and minimize interruptions so you can stay focused on your assignments.
- ** You’ll have experts on hand**
Whenever you’re stuck, your teammates with a wide range of expertise are ready to help you grow. And they’d love for you to share your knowledge too
- ** You'll pick where you work, every day**
We embrace the remote culture. Every day you get to choose the environment that makes you most productive.
- ** You'll have stability**
We value a stable workplace MailerLite has been thriving for over 10 years and our year-over-year growth continues to increase.

**What you’ll work with**:

- ** Coordinate the Risk Assessment Process**

Drive our company-wide risk assessment cycles, working with various stakeholders to identify, analyze, and mitigate potential risks to our business.
- ** Manage Vendor Compliance**

Own the vendor assessment process from a compliance standpoint. This includes evaluating new vendors, performing due diligence, and monitoring existing third-party relationships to ensure they meet our security standards.
- ** Champion our ISMS**

Take ownership of our Information Security Management System (ISMS), ensuring its ongoing maintenance, effectiveness, and continuous improvement in line with our **ISO/IEC 27001:2022** certification.
- ** Support Regulatory Implementation**

Work closely on the interpretation and implementation of internal policies and processes in line with key EU regulations, such as **DORA**, **NIS2**, and other frameworks related to cybersecurity and risk management, ensuring that compliance measures are integrated into day-to-day operations.
- ** Lead Internal Audits** Plan and conduct internal audits related to the ISMS. This involves preparing audit plans, interviewing colleagues across departments, and creating clear, actionable reports to drive improvements.
- 3+ years of experience in a similar role related to compliance, legal risk, or information security governance
- You have practical knowledge of information security frameworks, particularly ISO/IEC 27001:2022. Experience with SOC 2 and NIST is also highly valued
- You have a solid understanding of threat management principles, risk assessment methodologies, and the broader security compliance landscape
- You're a natural collaborator and communicator, able to explain complex compliance topics to colleagues from different departments
- You are organized, self-driven, and comfortable managing projects from start to finish
- You have a problem-solving mindset and can think critically about how to best integrate security practices into business operations
- Proficient verbal and written communication skills in English
- ** You must be based in Europe**

**Bonus points if**:

- You have experience with or knowledge of the Digital Operational Resilience Act (DORA) and / or NIS2 Directive

**Team Achievements**:
We're incredibly proud of our team and love celebrating their accomplishments. At MailerLite, we believe in recognizing hard work, creativity, and collaboration.

Here, we share some of the standout achievements that highlight the passion and talent within our team.
- ** ISMS implementation & ISO/IEC 27001:2022 certification**

Successfully implemented our Information Security Management System (ISMS) and achieved ISO/IEC 27001:2022 certification. This milestone reflects our commitment to information security and ensures our practices meet globally recognized standards for managing and protecting sensitive information.
- ** Internal Vendor Assessment process**

Established a structured internal Vendor Assessment process to evaluate and monitor third-party vendors from a compliance and security standpoint. This process enhances risk visibility, strengthens vendor oversight, and ensures alignment with our security and data protection standards.