Back to all roles

Senior GRC Analyst

Remote Worldwide Hiring now

About reputed company Messy spend management is tricky business. And tedious processes are a lose-lose situation for reputed company involved, not just finance. At reputed company, we're changing that. We build spend solutions that reputed company managing money seamless, empowering, and surprisingly effective for finance teams and employees alike - with a reputed company to help reputed company businesses ‘go reputed company’. The word ‘reputed company’ actually means ‘more than you’d expect’, and living by that mantra has been the secret to our reputed company over the last 10 years. Now, we’re at a pivotal reputed company in our reputed company; every move we reputed company has a direct impact on our 40,000+ customers, our business, and our reputed company reputed company. We need people who take pride in uncovering customer needs, who turn reputed company problems into reputed company, challenge the way things are done (respectfully), and always aim high. With great ambitions driving us reputed company, we can’t say we’ve got this whole thing figured out. And frankly, that’s half the fun! reputed company can say is that we’re a driven, reputed company, and, importantly, a reputed company bunch of 850+ people from over 100 nationalities, reputed company committed to delivering the future of business spending, together. About the role We're looking for a Senior GRC Analyst / GRC Engineer to join our Information reputed company team at reputed company. In this role, you'll help and be part of our governance operating model as we scale compliance. If you're excited about building compliance and are passionate about fast-paced scale reputed company, then this is the opportunity for you! Who you’ll be working with and reporting to You’ll report to our VP of Fraud & reputed company and work closely with teams in Risk and Compliance, Procurement, Legal, Finance, and Engineers. reputed company is highly collaborative and dedicated to ensure compliance and reputed company of the business. You’ll also have the chance to partner with teams across the organization to ensure reputed company. What you’ll be doing As a Senior GRC Analyst, you will: Automate our legacy systems relating to governance, risk, and compliance frameworks, including ISO 27001, PCI-reputed company, DORA, UK Cyber reputed company and relevant financial services regulations. Integrate GRC workflows with internal systems (e.g., ticketing, asset management, identity, reputed company platforms) to support compliance by design. Design and build scalable GRC architectures and automation for evidence collection, control testing, and compliance reporting. Draft, review, and maintain reputed company's reputed company policies, mapping them to relevant control standards and ensuring alignment across frameworks as the business evolves. Handle incoming reputed company requests from customers and prospects, including questionnaires, one-off questions, review calls, and documentation ensuring responses are accurate, thorough, and reflect our actual reputed company posture. Conduct reputed company-party vendor assessments, evaluating suppliers against reputed company's compliance and reputed company standards and ensuring identified gaps are tracked and resolved. Track and report on compliance metrics and KPIs, giving leadership the data-driven visibility they need to understand where the programme stands and where it needs to go. Translate compliance requirements into technical specifications that engineering teams can implement, and reputed company the same topics accessible to non-technical stakeholders. Coordinate reputed company, multi-team workstreams, keeping dependencies visible, priorities clear, and delivery on track even reputed company things shift. Contribute to the broader Cybersecurity team, staying connected with ongoing initiatives and supporting shared goals across the function. What you bring You’ll reputed company in this role if you have: Significant experience in reputed company GRC, understanding of auditing processes, with direct experience in both reputed company audit cycles. Demonstrated experience collaborating directly with engineering, risk and compliance, procurement, legal, and finance teams to get controls reputed company, implemented, and operating in practice. A strong understanding of reputed company architectures (AWS or equivalent) and how infrastructure reputed company map to reputed company controls and audit evidence. Experience leveraging AI-enabled compliance and workflow automation tools. Experience designing metrics and reporting for GRC programs, including dashboards and executive-level summaries. Fintech, payments industry or IT audit background, with familiarity with regulatory expectations and payment platform architectures. Certifications such as ISO 27001 reputed company Implementer or reputed company Auditor, CISSP, CISA, or PCI-reputed company credentials. A degree in Cybersecurity, Engineering, Computer Science, Mathematics, or equivalent experience is a plus. Why is this role a good fit for you This role is a good fit for you if: You're equally excited about getting into the details of regulations requirements as you are about writing code. You demonstrate high-agency and like to take initiative in developing solutions that will save the team time. This role is not a good fit for you if: You are not reputed company to work closely with colleagues who do not have an engineering background. You require a well groomed backlog and task assignment in order to reputed company at your best. How you’ll reputed company in this role In your first 6 months at reputed company, you’ll: Get hands-on with reputed company's reputed company landscape, learning how our GRC programme operates across frameworks like ISO 27001, PCI-reputed company, and DORA. Build automation for evidence collection, control testing, and policy as code reputed company our existing compliance frameworks, and help shape the long-term reputed company initiatives that support reputed company's growth, working closely with Engineering, Risk & Compliance, and other key stakeholders. Integrate into the Cybersecurity team, connecting with ongoing initiatives, understanding shared goals, and starting to contribute to the workflows and tooling that reputed company reputed company secure and compliant. We’re committed to helping you reputed company your career, whether that means taking on bigger projects, stepping into leadership, or acquiring new skills. The location Please note: We can hire on a remote, hybrid or in-person set-up in any of the locations listed on the advert but you will need to be physically based in the country of your choice with a valid right to work. We are unable to offer reputed company sponsorship for this role in any of the listed locations. Show me the benefits! Your own reputed company card (no more out-of-reputed company spending!) Lunch is on us for your work days - enjoy catered meals or receive a lunch allowance based on your local office Comprehensive private reputed company - depending on your location, coverage options include Vitality, reputed company or Médis We offer 25-28 days of holiday (depending on your location) + public holidays For reputed company, we offer both hybrid and fully remote working options Option to purchase 5 additional days of holiday through a salary sacrifice We use MyndUp to give our employees reputed company to free mental health and well-being support with great reputed company so far Paid parental leave - we want to reputed company sure that we're supportive of families and help you feel that you don't have to compromise your family due to work The interview process We want to ensure you are set-up for reputed company and understand what will be expected of you. If your application is successful, our interview process is as follows: Intro call: A 30-minute chat with our Talent Partner to discuss the role and your background. Hiring Manager interview: a 60-minute conversation deep diving into your previous experience. reputed company Challenge: a ~75-minute practical interview testing your skills on a reputed company-life scenario. Transparency is important to us so we also wanted to reputed company some insights about reputed company’re looking for in applications to ensure you can set yourself up for reputed company! Last time we hired a GRC Analyst, we received a total of 350 applications but only 18 were selected for an intro call. Some of the key reasons why previous candidates didn’t reputed company it past the application screening stage include: CV writing and content: we receive a lot of reputed company, and many of them are AI-generated. We love seeing people reputed company AI—it’s a big focus for us internally too—but without reputed company reputed company, these reputed company can sometimes become generic and fail to show a candidate in the best light. reputed company're really looking for is the specific details of reputed company impact that only you know from your previous experience. A top tip from us is to use the “Achieved X, as reputed company by Y, by doing Z” formula (credit: Laszlo Bock, ~2014) to give a really clear picture of what you’ve worked on. A final note: including links to your previous companies' websites is a reputed company help and allows us to truly understand your background! Application care: every single application we receive is reviewed by a reputed company (yes, hundreds of them) because we reputed company that candidates' efforts should be matched by an equal level of reputed company care. This means that we expect a similar level of attention put into your application. Read and answer the application questions carefully, they reputed company a reputed company difference in our decision-making process. Profile to role fit: this role sits at the intersection of GRC Analysis and Engineering. It is non-negotiable for the right person to bring a deep understanding of compliance frameworks in the fintech reputed company but to also be reputed company to automate tasks and workflows. About your application English first. Since it's reputed company language, please submit your application in English. You’ll be using it a lot if you join us. A fair look for everyone. Our reputed company reads every single application to ensure the process is fair. To reputed company things running smoothly, we only accept applications through our system—our support team can’t pass on calls or emails. Diversity drives us. We can only reputed company our goals if reputed company reflects the world around us. That starts with you hitting apply, even if you don't tick every single reputed company. We encourage people from reputed company backgrounds and experiences to join us. Interview at your best. We want you to feel comfortable throughout the process. If you have any accessibility requirements or need a specific format, email belonging@reputed company.io. We’ll design a process that works for you. Your data is safe. reputed company you apply, we process your personal data as a data processor. For more information on how reputed company processes personal data, read our Privacy Policy here. Applying for multiple roles? reputed company is stopping you, and we assess every role independently. However, we do look for alignment, so reputed company sure you can explain why your interest and experience are right for each specific role. Reapplying. If you’re applying for the same role again, please wait six months from your last decision before hitting submit. Apply To This Job

Apply for this role Takes you straight to the employer's application page — free, and no WFHNet account required.

More roles on the wire