Lead Technical Compliance Analyst (Fintech)

TL;DR

Lead Technical Compliance Analyst (Fintech): Coordinating and executing compliance programs such as PCI, ISO 27001, GDPR, and others as hirify.global expands into new markets and product offerings with an accent on managing auditors, timelines, and cross-functional evidence collection. Focus on advising first-line teams on the impact of proposed cloud and application architecture changes against compliance and regulatory requirements.

Location: This role requires a minimum of two days per week in our Dublin office

Company

hirify.global creates technology to help restaurants and local businesses succeed in a digital world, helping business owners operate, increase sales, engage customers, and keep employees happy.

What you will do

• Coordinate with and act as the second-line expert to advise first-line teams on the impact of proposed cloud and application architecture changes against compliance and regulatory requirements.
• Direct, execute, and own activities related to routine proactive assessments of IT controls, systems, and procedures to ensure conformity with expected requirements and documented controls.
• Own and drive successful, on-time delivery of complex assurance programs (e.g., PCI, ISO) by effectively managing auditors, timelines, and cross-functional evidence collection.
• Assist in proactively identifying potential compliance vulnerabilities, risks, or emerging areas of focus within IT processes in line with compliance standards.
• Support the team in developing, implementing, and maintaining IT Compliance processes and procedures that meet external and internal requirements.
• Support the creation and facilitation of compliance training programs, runbooks, and communications to further enable hirify.globalers to continuously operate in a compliant manner.

Requirements

• 8+ years of progressive experience owning and successfully delivering multi-framework compliance programs such as ISO 27001, PCI (DSS and other standards), ISO 27001, RED DA, NIS2, EBA ICT, GDPR, UK OpRes, CRA, PSD2, etc.
• Knowledge of IT General Control requirements, scoping, control design, control implementation.
• Deep understanding of cloud computing architectures and security patterns, including assessing and implementing compliance controls in such environments.
• Familiarity with AuditBoard or other GRC (Governance, Risk, and Compliance) and Enterprise Risk Management (ERM) solutions, tools, platforms, and processes.
• Experience with compliance programs in fast-changing and evolving environments.
• Proven ability to operate as a trusted second-line advisor who can educate, influence, and partner with high-velocity engineering and product teams toward sustainable compliance.

Nice to have

• Working knowledge and familiarity with SOX, SOC, NIST CSF.
• Experience working with Jira, Confluence, Asana, Slack, and Google Workspace ecosystem.
• Experience in privacy, data classification, and data subject rights protection.
• Experience working in fintech, payment facilitation / marketplace, merchant processing and/or fraud/risk.
• Relevant industry certifications such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), PCI QSA / ISA (Qualified or Internal Security Assessor), or equivalent expertise.

Culture & Benefits

• Embrace a hybrid work model that fosters in-person collaboration while valuing individual needs.
• Committed to creating an accessible and inclusive hiring process.
• Believe learning new AI tools empowers to build for customers faster, more independently, and with higher quality.