Senior GRC Analyst

Work with HelloFresh in Warsaw and its HelloTech organisation, HelloFresh’s global technology backbone with more than 1000 people, building the digital products that power our end-to-end food experience. From meal kits and ready-to-eat meals to specialty offerings like pet food and premium meat & seafood, HelloTech creates the platforms that bring tailored food solutions to millions of customers every month.

Our subscription-based, direct-to-consumer model relies on technology at every step, from customer-facing apps and personalization logic to pricing, forecasting, supply chain optimization, and initiatives that help reduce food waste. While our brands operate independently to serve distinct customer needs, they are united by shared platforms, data, and operational excellence built by HelloTech.

HelloTech works in autonomous, cross-functional alliances, each owning a specific product or domain end to end. By working with our Warsaw office, you will help shape scalable, data-driven products used across our markets, working with a modern tech stack and international teams to continuously improve how people discover, order, and enjoy HelloFresh’s products, today and in the future.

About the role: What's in the Box

The service provider will contribute to the Governance, Risk & Compliance (GRC) function within HelloTech, focusing on the implementation and maintenance of information security compliance and certification programs. This engagement involves providing specialized services to ensure alignment between technical systems and global regulatory frameworks, supporting data protection initiatives, and managing third-party vendor risk assessments to safeguard the HelloFresh ecosystem.

What you’ll do: The Recipe

Lead end-to-end compliance readiness for NIS2 and provide alignment services across key frameworks including PCI DSS, CSRD, ISO/SOC, and the EU AI Act.

Plan and execute internal control assessments and coordinate external compliance audits on a defined