Work with HelloFresh in Warsaw and its HelloTech organisation, HelloFresh’s global technology backbone with more than 1000 people, building the digital products that power our end-to-end food experience. From meal kits and ready-to-eat meals to specialty offerings like pet food and premium meat & seafood, HelloTech creates the platforms that bring tailored food solutions to millions of customers every month.

Our subscription-based, direct-to-consumer model relies on technology at every step, from customer-facing apps and personalization logic to pricing, forecasting, supply chain optimization, and initiatives that help reduce food waste. While our brands operate independently to serve distinct customer needs, they are united by shared platforms, data, and operational excellence built by HelloTech.

HelloTech works in autonomous, cross-functional alliances, each owning a specific product or domain end to end. By working with our Warsaw office, you will help shape scalable, data-driven products used across our markets, working with a modern tech stack and international teams to continuously improve how people discover, order, and enjoy HelloFresh’s products, today and in the future.

About the role: What's in the Box

The service provider will contribute to the Governance, Risk & Compliance (GRC) function within HelloTech, focusing on the implementation and maintenance of information security compliance and certification programs. This engagement involves providing specialized services to ensure alignment between technical systems and global regulatory frameworks, supporting data protection initiatives, and managing third-party vendor risk assessments to safeguard the HelloFresh ecosystem.

What you’ll do: The Recipe

• Lead end-to-end compliance readiness for NIS2 and provide alignment services across key frameworks including PCI DSS, CSRD, ISO/SOC, and the EU AI Act.

• Plan and execute internal control assessments and coordinate external compliance audits on a defined cadence.

• Translate regulatory requirements into practical controls and drive cross-functional implementation across international technical units.

• Manage remediation processes by tracking findings, evidence, and deadlines, providing regular status reports to primary stakeholders.

• Enhance GRC maturity through continuous monitoring, comprehensive documentation, and technical guidance for other contributors.

• Evaluate and validate the design and operational effectiveness of security policies, standards, and internal controls to mitigate compliance risk.

• Develop accurate technical reports and presentations regarding the compliance landscape for executive and technical stakeholders.

What you’ll bring: The Ingredients

• 3+ years of experience delivering compliance services in a corporate environment focused on IT General Controls (ITGC), SOC 2, ISO 27001, PCI DSS, and EU NIS2.

• Profound knowledge of data privacy directives including GDPR and CCPA/CPRA.

• Proven ability to interpret complex compliance regulations and map them to specific system implementations and security frameworks.

• Experience supporting third-party risk management programs and data privacy operations.

• Expertise in developing and executing security awareness initiatives and technical training modules.

• Strong organizational skills with the ability to provide services independently in a high-growth environment.

• Prior experience providing services within SaaS environments, specifically involving Cloud and AWS infrastructure.

• Industry certifications such as CISA, CISM, or CISSP are highly regarded.

Above all, we are looking for individuals who will make HelloFresh better. We believe there are many different ways of developing skills and we love diverse experiences! So even if you don’t “tick all the boxes” but think you’d thrive in this role, we would really like to learn more about you.

What we offer: The Toppings

• Global collaboration at scale: Collaborate with experienced engineers and product partners across HelloTech’s international teams, in a culture of active knowledge sharing.
• Technology with real-world impact: Build and operate modern systems at global scale, supporting 6+ millions of customers and complex supply chain operations.
• Technical/Product/Design leadership: Drive best practices and influence architecture/design, quality, and ways of working in an autonomous, product-led setup.
• End-to-end development/delivery: Drive decisions from problem definition to production, improving systems and enabling long-term scalability.
• Access to workspace at Warsaw Centre Point. The hub offers modern facilities including showers, breakout zones, outdoor space, cycle parking, and refreshments (coffee, soft drinks, and fruit).

Are you the missing ingredient? If this sounds like a tasty opportunity, we’d be excited to hear from you.  We aim to review your profile and respond within 5 business days.

The role

We’re looking for a new teammate who will support the implementation and ongoing maintenance of information security compliance and certification programs, working with cross-functional internal teams and external auditing agencies. The person will also support data protection, data privacy, and third-party vendor risk management functions.

The position will be part of the Governance, Risk & Compliance (GRC) team at HelloFresh that is responsible for creating, maintaining and improving HelloFresh’s security risk management program and remediation activities; information security and data privacy related processes, policies, and guidelines; supporting compliance and certification related activities; and driving security awareness and education.

Above all, we are looking for people who will make HelloFresh better. We believe there are many different ways of developing skills and we love diverse experiences! So even if you don’t “tick all the boxes” but think you’d thrive in this role, we would really like to learn more about you.

What you’ll do

• Lead end-to-end compliance readiness for NIS2 and support alignment across other key frameworks (e.g., PCI DSS, CSRD, ISO/SOC and EU AI Act).
• Plan and execute internal control assessments and coordinate external compliance audits on a defined cadence.
• Translate regulatory requirements into practical controls; drive cross-functional implementation across international teams.
• Own remediation management: track findings, evidence, owners, deadlines, and report status to stakeholders.
• Improve GRC maturity through continuous monitoring, clear documentation, and mentoring junior team members.
• Lead internal assessments and coordinate external compliance audits at planned intervals
• Evaluate and validate the design and operational effectiveness of security policies, standards, and internal controls to help reduce compliance risk in the company
• Develop comprehensive and accurate reports and presentations on the compliance landscape for both technical and executive audiences

What you’ll bring

• 3+ years' experience in performing compliance activities in a corporate environment related to IT General Controls (ITGC), SOC 2, ISO 27001, PCI DSS, EU NIS2, and various data privacy directives (GDPR, CCPA/CPRA, etc.)
• Ability to interpret compliance regulations and map them to the actual implementation of systems, whilst referencing various security frameworks
• Experience supporting data privacy regulations (GDPR, CCPA) and third-party risk management programs
• Experience with developing and executing security awareness programs and trainings
• Highly organized and detail-oriented, with an ability to work independently
• Industry compliance certifications (CISA, CISM, CISSP) are a plus
• Prior experience working in a SaaS environment, mainly Cloud and AWS-based

What we offer

Elevate your lifestyle! Join one of Europe's fastest-growing tech powerhouses in a dynamic phase of expansion.

• Immerse yourself in a diverse global community of 90+ nationalities.
• Enjoy a competitive compensation package that goes beyond the norm, with perks like a HelloFresh- subsidized Pension Scheme, Berlin relocation support, and a Hybrid working model.
• Elevate your lifestyle with exclusive discounts on your weekly HelloFresh box and office meals.
• Invest in your growth with a German language learning budget, and access to the HelloFresh Academy.
• Plus, we've got your well-being covered with mental health support, transportation perks, and working-parent-friendly benefits. From our 24/7 gym access,wellbeing platforms like Headspace and Spill, to sabbatical leave options, HelloFresh is not just a workplace; it's a lifestyle of perks and possibilities!

About The Role (What you’ll be doing)

This role exists to build the operational engine that enables the Germany Operations to hyper-scale without compromise in quality, scalability, and impact.
As an Operations Associate/Analyst (f/m/d) ,you are responsible for identifying structural gaps in our systems before they become revenue leaks, patient friction, or finance risk — and fixing them at the root.

You might identify that key German payment methods are missing and design the rollout end-to-end: quantify impact, define requirements, align Product and Engineering, implement the solution, ensure correct CRM and invoicing configuration, build automated reporting for leadership visibility, and establish reconciliation governance so Finance can close cleanly.

You will own initiatives from problem identification to stable, scalable execution — building processes and automation that remove manual work and prevent issues from resurfacing.

• Strong operational ownership: You proactively maintain and improve recurring processes (invoicing, discount logic, workflows, admin tooling) and ensure systems run reliably without constant oversight.
• Hands-on technical problem solving: You can triage and debug cross-system issues (payments, orders, dashboards, automations), identify root causes, and collaborate effectively with Engineering when escalation is required.
• Systems & tooling fluency: You are comfortable working across CRM, payment providers, automation tools (e.g. Zapier, Slack workflows), and internal dashboards — and understand how data flows between them.
• High attention to detail & data integrity mindset: You care about accuracy in configurations, permissions, reporting, and user data — and prevent small errors from becoming revenue or reputation risks.
• Cross-functional execution strength: You communicate clearly with CS, Finance, and Engineering, follow through on open loops, and ensure operational issues are resolved end-to-end.
  
  

About You (Who We’re Looking For)

• 3–5 years in consulting, strategy, operations, or a high-growth startup environment with real execution responsibility
• Highly ownership-driven: you identify structural gaps and fix them at the root
• Strong analytical thinker with systems intuition — you understand how tools, data, and workflows interact across processes, payments, automation, and reporting
• Proven track record of driving cross-functional initiatives end-to-end (Product, Engineering, Finance, CS)
• Detail-oriented with a high bar for operational accuracy and data integrity
• Thrive in fast-paced, high-accountability environments and care about building scalable infrastructure in healthcare
• Nice to have: SQL skills are very useful for this role and will help on integration, as well as experience with payment providers, CRM systems, or automation tools (e.g. Zapier, Slack workflows, Customer.IO)
  
  

Why join Eucalyptus?

Euc is also behind a growing family of digital healthcare clinics (Pilot, Kin, Software) across men’s health and well-being, fertility, and skincare. Compound, focused on longevity and preventive health, complements this ecosystem and extends our mission to make good health last a lifetime.

Here’s what makes joining Euc unique:

• What’s next - Our goal for the next three years is to support 1 million patients globally to live better for longer. We’re launching into new conditions, demographics, and geographies as we build a truly preventive healthcare ecosystem.
• Build something world-changing - We’re on the path to becoming the world’s largest international digital healthcare company. It will be challenging, fast-paced, and deeply rewarding.
• Make real impact - You will deliver work that directly shapes patient outcomes and scales evidence-based care across markets.
• Accelerate your growth - You will have high ownership, continuous feedback, and dedicated development support.
• Join a motivated team - You will collaborate with talented peers to solve complex clinical and operational problems at scale.

What’s ahead in Germany

• Be an owner – Equity for everyone means you share in our success.
• Shape your career – Access annual learning budgets and three days of professional development leave, peer shadowing, and global knowledge-sharing culture.
• Support at every stage – Enjoy 28 days of annual leave, wellness allowance, and 3 weeks of work-from-anywhere per year.
• Work where well-being matters – Enjoy hybrid work focused on impact, an energising office, and regular socials.

At Eucalyptus, we value individuals from all backgrounds, experiences, and perspectives, and we embrace the unique qualities each person brings. When you apply, please let us know of any reasonable adjustments you may need during the interview process.

Please note that this position is based in Berlin, Germany - relocation support is provided if required. 

THE BEST WORK OF YOUR CAREER

Trade Republic is the largest savings platform in Europe - we operate in 18 countries, serving +10 million customers who trusted us with over 150B in assets. But we’re striving for more.

We have a bold mission to empower everyone to build wealth with easy, safe, and free access to financial systems. You will have the opportunity to grow your career by collaborating with a team of outstanding talents and state of the art technology to build a lasting, positive future for millions.

WHAT YOU’LL BE DOING

The Generalist Risk Quant is responsible for supporting other Senior Risk Quants in the design, development and implementation of risk models. In particular the Generalist Risk Quant will be involved in

• Building and running advanced risk models (VaR, ES, Stress Testing, etc.) 
• Designing and implementing data frameworks and pipelines for various risk types 
• Design, implementation and orchestration of validations for models and data frameworks
• Data reconciliation frameworks 
• Performing data reviews and gap analysis 

WHAT WE'RE LOOKING FOR

• 3+ years of experience in risk data roles, risk model developments, supervisory units, model validation within banks, fintechs or supervisory units 
• Advanced statistical modelling and Econometrics
• Quantitative background (Data science, quantitative finance, physics, mathematics, statistics, etc.)
• Data management and model governance 
• Financial programming: Python and other coding languages
• Basic understanding of CRR / CRD / MaRisk
• Machine learning experience is a great a plus
• Basic understanding ECB and BaFin & BuBa SREP / ICAAP & ILAAP experience is a plus

WHY YOU SHOULD APPLY NOW

Our culture rewards ownership, excellence, and high energy. We care deeply about outcomes and hold each other accountable - we’re here to win and fix one of the largest challenges Europeans face - closing the pension gap and democratising wealth. If this gets you fired up, reach out!