TL;DR
Security GRC Analyst (Fintech): Supporting and operationalizing Governance, Risk, and Compliance processes with an emphasis on evaluating third-party vendor security posture and managing internal compliance programs. Focus on preparing for audits like SOC 2, ISO 27001, and PCI DSS, driving remediation of security gaps, and ensuring DORA compliance.
Location: Fully Remote
Company
hirify.global is a next-generation integrated global payment platform simplifying cross-border payments for millions of users in over 170 countries.
What you will do
- Manage the end-to-end vendor risk assessment lifecycle, reviewing due diligence packages and validating vendor security controls.
- Maintain the organization’s Vendor Inventory and Risk Register, conducting periodic reassessments for ongoing compliance, particularly with DORA requirements.
- Assist with audit activities by collecting and validating evidence from stakeholders, ensuring accuracy and mapping to relevant controls (NIST 800-53, ISO 27001).
- Support periodic internal reviews, documenting findings and working with control owners to implement remediation solutions for non-compliance.
- Assist with the development and annual review of security policies, standards, procedures, and guidelines.
- Support ongoing activities related to hirify.global's DORA compliance and respond to customer security inquiries and RFPs.
Requirements
- Bachelor's degree in IT, Cybersecurity, Business, or equivalent experience.
- 3-5 years working in GRC, IT Audit, or TPRM roles.
- Familiarity with at least two cybersecurity frameworks or regulations, including ISO 27001, PCI-DSS, SOC 2 Type II, NIST CSF, and/or DORA.
- Experience drafting and revising global cybersecurity policies and standards.
- Excellent command of the English language (written and spoken).
- Excellent written and verbal communication skills to report on cybersecurity risks and control effectiveness.
Nice to have
- Basic understanding of cloud infrastructure (AWS/Azure) for evaluating cloud vendors.
- Hands-on experience configuring workflows in ServiceNow Vendor Risk Management, Vanta, Drata, or OneTrust.
Culture & Benefits
- Directly impact millions of users worldwide in the FinTech industry.
- Benefit from internal mobility, mentoring programs, and continuous learning opportunities.
- Collaborate with colleagues across international hubs in a connected, global organization.
- Work in a principle-driven culture that empowers achievement.
- Receive competitive compensation, benefits, and flexible work arrangements.
Be careful: if an employer asks you to log in to their system using iCloud/Google, send a code or password, or run code or software, do not do it; these are scammers. Be sure to click "Report" or write to support.