Company hidden
4 days ago

Director Of GRC & Privacy (Fintech)

Work format: hybrid
Employment type: fulltime
Grade: director
English: b2
Country: US
Vacancy from the Hirify Global list of international tech companies

Job description


TL;DR

Director of GRC & Privacy (Fintech): Building and leading the governance, risk, and compliance function from scratch for a high-growth prediction market platform, with an emphasis on SOC 2, PCI-DSS, and global data privacy regulations. Focus on establishing security control frameworks, managing external auditor relationships, and maturing the enterprise risk management program across multiple legal entities.

Location: Must be based in or able to work from New York (Hybrid)

Company

hirify.global is the world's largest peer-to-peer prediction market platform, enabling users to trade on real-world events across politics, economics, and culture.

What you will do

  • Build and own the enterprise security risk management program, including risk registers and executive reporting.
  • Establish and maintain security control frameworks mapped to SOC 2, PCI-DSS, and CIS standards.
  • Lead the company's security committee and drive security policy development and enforcement.
  • Manage end-to-end compliance programs, including scoping, evidence collection, and auditor management.
  • Oversee the data privacy program, ensuring compliance with GDPR, CCPA, and other jurisdictional requirements.
  • Manage third-party risk, including vendor security assessments and ongoing monitoring.

Requirements

  • 8+ years of experience in GRC or information security compliance, with 3+ years in a leadership role.
  • Deep, hands-on experience leading multiple SOC 2 Type II audit cycles.
  • Strong working knowledge of PCI-DSS v4.0 and implementation of compliance programs.
  • Experience managing compliance across multiple legal entities or subsidiaries.
  • Ability to communicate complex risk requirements to technical teams and executive leadership.
  • Working knowledge of GDPR and CCPA operational requirements.

Nice to have

  • Experience in fintech, payments, or cryptocurrency.
  • Professional certifications such as CISM, CRISC, CISSP, or CIPP.
  • Exposure to ISO 27001, NIST CSF, or GRC platforms like Vanta or Drata.
  • Familiarity with AWS cloud environments and cloud-native control design.

Culture & Benefits

  • Competitive salary and equity package.
  • Unlimited PTO policy.
  • Full health, vision, and dental coverage.
  • 401k matching program.
  • Hardware setup including a new MacBook Pro and accessories.

Be careful: if an employer asks you to sign in to their system using iCloud/Google, to send a code/password, or to run code/software, do not do it - these are scammers. Be sure to click "Report" or write to support. More details in the guide →