Grc Engineer

Join a fast-growing fintech company dedicated to revolutionizing financial services with cutting edge technology. As a company operating under the Financial Regulatory Authority (FRA), we prioritize security, risk management, and regulatory compliance to ensure our customers' trust and data protection. We are seeking a GRC Engineer to help build, implement, and maintain a robust governance, risk, and compliance framework.
As a GRC Engineer, you will play a pivotal role in ensuring that our security and compliance frameworks align with FRA regulations, ISO 27001, PCI DSS, NIST, and other industry standards. You will be responsible for identifying risks, implementing policies, conducting audits, and ensuring regulatory compliance across the organization. This is a unique opportunity to work in a dynamic fintech environment where security and compliance are top priorities.
**Key Responsibilities**:

- Develop and implement a GRC framework to ensure compliance with FRA security regulations and industry best practices.
- Conduct risk assessments and gap analyses to identify vulnerabilities in security policies, procedures, and systems.
- Monitor regulatory updates and ensure alignment with ISO 27001, PCI DSS, NIST, and FRA compliance requirements.
- Perform and manage internal and external security audits, ensuring compliance with regulatory standards.
- Oversee third-party risk management, ensuring vendors and partners adhere to security policies.
- Collaborate with IT, cybersecurity, and legal teams to enforce compliance policies and incident response procedures.
- Develop and maintain security awareness training programs for employees, ensuring adherence to compliance policies.
- Implement GRC tools to track security policies and risk assessments.
- Prepare and submit compliance reports to regulatory authorities, leadership, and external auditors.
- Support the implementation of business continuity and disaster recovery plans to migrate security risks.

**Requirements**:
Bachelor’s degree in Cybersecurity, Information Security, Risk Management, or a related field.
- Minimum 5+ years of experience in GRC, information security, or risk management roles within fintech or regulated industries.
- Strong knowledge of FRA regulatory frameworks and financial cybersecurity compliance.
- Expertise in ISO 27001, PCI DSS, NIST, GDPR, and SOC 2 compliance standards.
- Hands-on experience in risk assessment methodologies and security audits.