AI Risk & Compliance Manager

The Role:

We are building a security-first AI platform from the ground up, designed to run large language models, multi-agent systems, and advanced AI workloads in zero-trust environments. Security, safety, and privacy are central to our mission, with a vertically integrated approach that connects high-level applications to low-level infrastructure.

As AI Risk & Compliance Manager you will translate regulatory and security frameworks (NIS2, CRA, ISO27001, EU AI Act) into clear, actionable requirements for our engineering and product teams.

You’ll establish our governance and compliance frameworks, ensure continuous audit readiness, and help shape how Openchip becomes a standard for secure and responsible AI infrastructure.

Key Responsibilities:

• Interpret emerging regulations (e.g., NIS2, CRA, GDPR, AI Act) and map them to technical and procedural controls.
• Develop the AI Risk & Compliance framework, integrated with engineering and product processes.
• Support the product team in understanding customers’ security and compliance challenges and distill reusable solutions.
• Collaborate with the architecture team to embed requirements directly into the platform’s design and infrastructure (e.g., RBAC, audit logging, encryption).
• Oversee audit and certification readiness, including internal assessments, control testing, and evidence management.
• Act as primary contact for external auditors and certification bodies.
• Represent Openchip in AI and cybersecurity working groups, advocating for safety, transparency and trust in the AI ecosystem.
• Build a culture of accountability across teams through communication, training, and shared metrics.

Qualifications:

• 7 years of experience in information security compliance, GRC, security or risk management roles.
• Deep understanding of European digital regulations; particularly GDPR, NIS2, Cyber Resilience Act, and the EU AI Act.
• Proven ability to translate legal and regulatory requirements into technical and organizational controls.
• Prior experience in a B2B infrastructure or regulated software environment.
• Certifications such as CISM, CISA or ISO27001 Lead Implementer are a plus.
• Background in AI systems or knowledge of privacy and security enhancing technologies (confidential compute, cryptography) is a plus.

Soft Skills:

• Excellent communication and interpersonal skills, able to collaborate effectively across internal teams and with external parties.
• A “can do attitude”, willing to solve and overcome obstacles - balancing governance rigor with engineering agility.
• Proactive problem-solver with a drive for automation and operational excellence.
• Curious, open-minded, and eager to continuously improve.
• Passionate about AI ethics, safety, and trustworthy innovation.

What do we offer?

• Join an innovative team and experience company growth.
• We believe in investing in our employees and providing them with the opportunities they need to grow and develop their careers.
• Enjoy a hybrid work environment.
• We also offer a flexible schedule.
• We offer a remuneration that values your experience.
• The position will have the base in Barcelona, Spain.

We are looking for outstanding people willing to join our mission to change this industry and help to build a better world. If you feel identified with Openchip, please contact us. We can offer a competitive compensation package in a flexible work schema that will help you to keep a balance between your personal and professional life. At Openchip & Software Technologies S.L., we believe a diverse and inclusive team is the key to groundbreaking ideas. We foster a work environment where everyone feels valued, respected, and empowered to reach their full potential – regardless of race, gender, ethnicity, sexual orientation, or gender identity.