TL;DR
Senior Associate, Information Security (Fintech): Driving key parts of the governance, risk, and compliance (GRC) program in a regulated fintech environment, with an emphasis on owning recurring GRC processes end-to-end, partnering with control owners, and ensuring continuous audit-readiness. Focus on maintaining the ISMS, planning audit readiness, facilitating risk assessments, and leading third-party risk management.
Location: Hybrid role combining onsite collaboration and remote work. Must be based in or regularly commute to one of hirify.global's offices in Vienna, Bucharest, Barcelona, or Berlin (Europe), with 25 additional days per year to work from a city or country of your choice.
Company
hirify.global is a European fintech company founded in 2014, simplifying wealth creation through a user-friendly platform for investing in cryptocurrencies, crypto indices, stocks, precious metals, and commodities for over 6 million customers.
What you will do
- Own and maintain parts of the Information Security Management System (ISMS) and support security-by-design governance for new initiatives.
- Plan and execute audit readiness activities (ISO 27001, SOC 2, internal/regulatory audits), coordinate stakeholders, and review evidence for quality and traceability.
- Facilitate risk assessments for systems, projects, and vendors, documenting outcomes and treatment plans.
- Lead parts of third-party risk management, including due diligence, tracking remediation commitments, and supporting security contractual requirements.
- Execute control design/operating effectiveness testing, document results, and recommend improvements.
- Produce GRC reporting and metrics for leadership, identifying systemic themes and proposing improvements.
Requirements
- You must be proactive and ownership-driven, identifying and fixing gaps in the GRC program.
- You can balance rigor with pragmatism, applying controls proportionate to risk and business criticality.
- You possess clear and persuasive writing skills for documenting controls, risks, and audit responses.
- You are comfortable offering constructive challenge to improve evidence and control quality.
- You are collaborative and able to remain calm under deadline pressure during audits and regulator requests.
Culture & Benefits
- Enjoy a hybrid working model with the flexibility to work 25 additional days per year from any city or country.
- Receive a competitive total compensation package, including participation in the stock option plan.
- Access confidential coaching, counselling, and mental health resources through OpenUP.
- Benefit from 3 additional days off in 2026 to prioritize wellbeing.
- Utilize unlimited access to Udemy's online courses for continuous learning and growth.
- Take advantage of 8 weeks of gender-neutral new parent leave.
- Receive a dedicated budget to set up a productive home office.
- Pandas in Vienna, Bucharest, Barcelona, and Berlin enjoy free onsite dining.