Senior Information Security Risk Analyst (Fintech)

TL;DR

Senior Information Security Risk Analyst (Cybersecurity): Developing and maintaining security standards and policies to mitigate emerging cyber risks with an accent on technology risk assessment and GRC implementation. Focus on designing risk reporting frameworks, managing third-party security assessments, and ensuring compliance with regulatory standards.

Location: Hybrid (Sofia, Bulgaria)

Company

hirify.global is a global leader in digital assets and financial wealth management, building a dynamic and accessible future model of wealth.

What you will do

• Create and maintain security standards, policies, and procedures aligned with current and emerging cyber risks.
• Identify and assess technology risks, ensuring appropriate IT controls and operational processes are in place.
• Develop a comprehensive risk assessment process and maintain an internal risk register.
• Manage the third-party risk assessment process and coordinate external security assessments and audits.
• Support the Data Governance program and maintain applicable information security policies.
• Document IT processes, risks, and controls within a GRC solution.

Requirements

• 3 to 5 years of experience in information security risk, audit, or a closely related field.
• Experience developing enterprise risk reporting, including KRIs, KPIs, and risk appetite definitions.
• Proven ability to update corporate security policies, standards, and procedures independently.
• Experience leading periodic IT audits to confirm compliance with regulatory and internal standards.
• Strong written communication skills for producing risk reports for senior stakeholders.
• Must be based in Sofia, Bulgaria, for a hybrid work arrangement.

Nice to have

• Bachelor's degree in computer science, information systems, or a related field.
• Familiarity with security frameworks such as COBIT, ISO 27001, and PCI-DSS.
• Professional certifications such as CISA, CISM, CRISC, or CISSP.
• Knowledge of IT audit best practices and privacy domains.

Culture & Benefits

• Competitive remuneration package with annual performance-based bonuses.
• Hybrid work model with scheduled home office flexibility.
• Comprehensive Learning Hub for continuous professional growth.
• Wellness package including additional health insurance and all-access sports cards.
• Office perks such as free electric bikes, parking, and a well-stocked kitchen.
• Regular department and company-wide team-building activities.