TL;DR
Senior Information Security Specialist (Fintech): Leading and scaling security governance in a regulated fintech environment, with an emphasis on complex GRC domains such as ISMS/ISO 27001, regulatory readiness, and third-party risk. Focus on driving measurable improvement in control effectiveness and acting as a trusted advisor to senior stakeholders.
Location: Hybrid working model, combining onsite collaboration and remote work, with an additional 25 days per year to work from a city or country of your choice.
Company
hirify.global simplifies wealth creation and empowers both first-time investors and seasoned experts to invest in cryptocurrencies, stocks, precious metals and commodities.
What you will do
- Own and evolve GRC domains end-to-end, including strategy, annual plan, cadences, and success metrics.
- Facilitate and challenge high-impact risk assessments, ensuring consistency and defensible rationale.
- Lead complex audits and assessments end-to-end, including readiness, walkthroughs, and remediation.
- Set due diligence depth and ongoing monitoring requirements for critical suppliers.
- Act as a “GRC translator” for engineering and operations teams, helping them implement requirements efficiently and consistently.
- Drive risk treatment at scale: align owners, negotiate timelines, track commitments, and escalate where residual risk remains above appetite.
Requirements
- Typically 6–10 years of experience in information security GRC, audit/assurance, risk management, compliance, or adjacent security roles.
- Proven track record leading audits/assessments and driving remediation across multiple teams and systems.
- Strong working knowledge of ISO 27001 and DORA (and/or SOC 2 / PCI DSS / NIST) with the ability to design controls, define evidence, and test effectiveness.
- Strong understanding of technology risk across cloud, IAM, SDLC governance, incident management, vulnerability management, logging/monitoring, and third-party risk.
- Excellent written and verbal communication; able to produce executive-ready materials and auditor-facing narratives.
Culture & Benefits
- Enjoy the freedom of the Hybrid working model, combining onsite collaboration and remote work, with an additional 25 days per year to work from a city or country of your choice.
- Receive a competitive total compensation package aligned with hirify.global’s pay-for-impact policy, including participation in our stock option plan.
- Access confidential coaching, counselling, and mental health resources whenever you need them through OpenUP.
- Grow your skills and stay ahead in your career with unlimited access to Udemy’s library of online courses at your own pace.
- Take extra time off to rest, reset, and recharge, with 3 additional days off in 2026 to prioritise your wellbeing.
- Pandas in Vienna, Bucharest, Barcelona, and Berlin can enjoy free onsite dining, with freshly prepared lunches and snacks to keep you fuelled and focused all day long.