Non-Mechanical Compliance Engineer

Komatsu is the 2nd largest worldwide manufacturer of construction, mining and utility equipment, and also delivers forest machines and logistics. Working at Komatsu means being part of an international company which is celebrating its 100th anniversary this year. Amongst competitors Komatsu is known to be the most innovative company in the industry.

Non-Mechanical Compliance Engineer

About the Role

As a Non-Mechanical Compliance Engineer, your primary mission is to ensure Komatsu’s digital products meet the stringent requirements of European regulations regarding digital safety, data security, and user data rights. You will be integral in managing the compliance of digital products and services while ensuring that these products remain aligned with EU legislation. You will help maintain Komatsu’s market access while ensuring the products comply with digital regulations, including those covering data management, cyber security, and artificial intelligence.

Key responsibilities

Communication (20%)

• Lead the communication of European technical and regulatory requirements across relevant departments within Komatsu, ensuring they are translated into functional and technical specifications for digital products and services.
• Hold regular meetings with KEISA stakeholders and subsidiaries to assess the impact of future EU compliance requirements on digital products.
• Collaborate with external experts to stay updated on compliance requirements and best practices.

Regulatory Compliance (20%)

• Track and stay updated on new and existing European regulations, including those concerning cyber security, AI, data management, and connected systems, such as:
    - Data Act
    - Cyber Resilience Act   AI Act
    - Radio Equipment Directive   Battery Regulation
• Advise on and ensure compliance with these regulations for all digital products.

Risk Management (15%)

• Identify potential compliance risks associated with digital products.
• Develop and execute risk mitigation strategies to address these risks.
• Conduct risk and impact assessments for new products and regulatory changes.

Policy Development & Implementation (15%)

• Develop and enforce internal policies to ensure digital products meet all compliance standards.
• Establish governance frameworks for compliance throughout the lifecycle of digital products.
• Collaborate with legal, IT, and product teams to integrate compliance requirements into the development and deployment processes.
• Lead EU compliance projects for digital products in close cooperation with KLTD and the EU Compliance department.

Audits & Monitoring (10%)

• Ensure technical and functional compliance requirements are effectively implemented in digital products.
• Regularly assess the overall compliance of Komatsu’s digital product portfolio, organizing penetration testing and other assessments as needed.
• Prepare for and support external audits by regulatory bodies or certification agencies.
• Continuously monitor digital product updates to ensure compliance is maintained.

Incident Management (5%)

• Manage compliance-related incidents, including regulatory violations and data breaches.
• Work closely with legal teams and authorities to ensure timely reporting and resolution of incidents.

Vendor & Third-Party Compliance (5%)

• Evaluate third-party vendors and partners for compliance risks, ensuring that they adhere to regulatory standards.

Lobbying (5%)

• Represent Komatsu at industry association meetings, such as CECE and Agoria, and contribute to the development of European and International Standards.
• Support the development of regulatory frameworks and help manufacturers meet compliance requirements.

Key Performance Indicators (KPIs)

• Successful implementation of regulatory compliance frameworks.
• Effective risk management and mitigation strategies.
• Audit and incident resolution performance.
• Successful vendor and third-party compliance assessments.
• Contribution to lobbying and standard-setting activities.

Your Profile

Education & Experience

• Background in information security, technology, or a related field, with experience in:

- Network security
- Data management
- Design or implementation of electronic systems or instrumentation
- Conducting compliance audits or assessments of digital products and services

• At least 3 years of experience in a related field or a minimum of 5 years of professional experience specifically in ICT security.
• Ideally, a professional qualification specializing in one of the above-mentioned areas, or a degree in Mechanical or Electrical Engineering combined with relevant experience.
• Practical experience with product safety legislation or similar legal instruments is considered an asset.
• Knowledge of Komatsu machines and/or Komatsu data management systems is desirable.

Skills & Competencies

• Strong interpersonal and communication skills for internal leadership and external representation.
• Ability to manage compliance projects and collaborate with multiple departments.
• High level of organization and attention to detail.
• Strong problem-solving skills, especially in the context of regulatory compliance.
• Ability to travel within the EU and internationally (e.g., Japan, USA) as required. 

Why Apply? 

• Take a key role in ensuring Komatsu’s digital products comply with high European regulatory standards.
• Influence the compliance strategy for cutting-edge digital products and services.
• Work in a dynamic, international environment and collaborate with global teams.
• Play a part in shaping the future of digital compliance in the industry.
• Lead impactful compliance projects and develop your expertise in a rapidly evolving field. 

Interested?

Send your CV and motivation letter to: jobs.be@komatsu.eu