Junior/Medior Security Compliance Specialist (GRC, Info-Sec)

TL;DR

Junior/Medior Security Compliance Specialist (GRC, Info-Sec): Leading third-party vendor security assessments and architecting compliance for global customers with an accent on evaluating technical evidence, translating regulatory requirements, and modernizing policy. Focus on leveraging AI tools for streamlining risk analysis and improving GRC efficiency, while ensuring alignment with PCI-DSS, NIS2, ISO 27001, and NIST standards.

Location: Must be based in Madrid, Prague, Valencia, or Warsaw. The security team works across time zones (GMT-6 to GMT+5), offering a flexible work environment.

Company

hirify.global is a marketplace where customers discover new experiences and services everyday and local businesses thrive, committed to building strong communities.

What you will do

• Lead third-party vendor security assessments, evaluating technical evidence (EDR deployment, Firewall logic, Encryption).
• Architect and lead audit readiness for PCI-DSS and NIS2, translating EU/UK/US regulatory requirements into actionable engineering tasks.
• Research and draft updates for the Information Security Policy library, aligning with ISO 27001 and NIST standards.
• Act as the power user and administrator for OneTrust to optimize compliance workflows.
• Create engaging security awareness content and phishing simulations via the Saba platform.

Requirements

• 1–3+ years in IT Risk, Audit, or GRC (preferably within Fintech, E-commerce, or highly regulated industries).
• Technical literacy in cloud security (AWS/GCP), network controls, and vulnerability management.
• Deep, hands-on knowledge of GDPR, PCI-DSS, and NIS2.
• Ability to utilize AI tools to automate documentation, research regulatory changes, and improve GRC efficiency.
• Fluent English (C1+) with the ability to explain technical hurdles to non-technical stakeholders.

Culture & Benefits

• Value ownership and accountability, managing projects with minimal supervision.
• Offer a flexible, global environment where the security team works across time zones.
• Embrace an AI-first approach and encourage leveraging AI tools in daily work.
• Opportunity to make an immediate impact due to hirify.global's scale and speed of transformation.
• Maintain a culture that inspires innovation, rewards risk-taking, and celebrates success.