Security Compliance and Privacy Specialist

About the role Establish and operate a Sporty Group–wide security and privacy baseline by building and coordinating a Group ISMS and Group PIMS. Ensure consistent security and privacy governance across all group companies while enabling regional teams to meet local regulatory requirements. What You'll Be Doing Define and maintain the Sporty Group global security and privacy baseline, including policies, control framework, and minimum requirements applicable across all group companies. Design and operate the Group ISMS and Group PIMS, coordinating regional ISMS and privacy programs without duplicating local ownership. Establish a clear global baseline plus local add-ons operating model, with defined RACI, exception handling, and escalation paths. Coordinate group-level governance by consolidating regional BDM/PM-owned compliance calendars into a single group view, aligning milestones, reporting cadence, and evidence standards. Maintain the group-level risk register, Statement of Applicability, and control mappings, ensuring traceability between risks, controls, owners, and evidence. Coordinate internal audits and findings management at group level, tracking remediation and closure across regions. Define and standardize privacy operations at group level, including RoPA inputs, DPIA workflows, retention and deletion evidence standards, and breach readiness coordination with Legal