Senior Cyber Assurance Partner - Third-Party Risk (Fintech)

TL;DR

Senior Cyber Assurance Partner (Fintech): Disrupting and automating Third-Party Risk Management (TPRM) processes with an accent on payment processor assessment frameworks and AI-driven automation. Focus on designing pragmatic risk tiering systems, shifting accountability to business owners, and eliminating bureaucratic bottlenecks in vendor governance.

Location: Hybrid (Sao Paulo, Buenos Aires, Madrid, Barcelona, Romania, Montevideo)

Company

hirify.global is a global payment platform specializing in payment processing for emerging markets.

What you will do

• Design and implement automated workflows and AI agents to handle TPRM tasks such as documentation chasing and SOC2 report parsing.
• Govern the global Payment Processor Assessment Framework, tuning risk-scoring models and analyzing technical findings.
• Build a pragmatic risk tiering system to fast-track low-risk vendors and focus deep scrutiny on critical partners.
• Shift risk accountability to the first line of defense by providing business leaders with transparent data and tools.
• Advise on operational compensating controls (e.g., volume caps) for critical vendors with high risk scores.
• Perform manual security assessments and documentation reviews while building the automation to replace them.

Requirements

• Strong track record of proactive ownership and a desire to disrupt bureaucratic risk management processes.
• Hands-on experience performing manual security assessments and vendor reviews.
• AI fluency and the ability to logically map complex technical workflows for engineers to build.
• High EQ and organizational navigation skills to negotiate with Procurement, Legal, and Business leaders.
• Strong written and verbal communication skills in English.
• Ability to multi-task across diverse priorities without losing focus.

Nice to have

• Deep understanding of payment processors and fintech ecosystems in emerging markets.
• Familiarity with PCI DSS, ISO 27001, and SOC2 frameworks.
• Experience integrating with modern GRC, risk management, or procurement platforms.

Culture & Benefits

• High degree of autonomy in executing the CISO's vision.
• Focus on impact and productivity over fixed working hours.
• Flexible schedules combined with in-person connection in collaboration hubs.
• Opportunity to make a visible impact on global security governance.