Security GRC Analyst

Paysend
United States only

About The Role:

Reporting to the Security GRC Lead, we are seeking a detail-oriented Information Security GRC Analyst to join our security team and help support and operationalize Governance, Risk, and Compliance processes. In this role, you will be the guardian of our digital supply chain, responsible for evaluating the security posture of our third-party vendors and partners. You will be a risk advisor, helping the business make informed decisions about who we trust with our data. Additionally, you will play a key role in our internal compliance programs, helping us prepare for audits (SOC 2, ISO 27001, PCI DSS, etc.) and driving the remediation of security gaps.


What You'll Do (Responsibilities):

You should be enthusiastic about:

  • Security risk and controls management alongside a team of outstanding colleagues in the FinTech industry sector

  • Thriving and growing in a fast-paced FinTech environment and being able to pivot priorities to adapt
    quickly to a constantly evolving & demanding Security GRC landscape

  • Staying up-to-date on current emerging cybersecurity trends

As a Security GRC Analyst, you will be responsible for:

  • Supplier Due Diligence: Manage the end-to-end vendor risk assessment lifecycle. Review "due
    diligence packages" including SOC 2 Type 2 reports, ISO 27001 certificates, questionnaires, and
    penetration test summaries to validate vendor security controls against Paysend Supplier Security Policy.

  • Continuous Monitoring: Maintain the organization’s Vendor Inventory and Risk Register.
    Conduct periodic reassessments of critical vendors to ensure ongoing compliance, particularly
    in alignment with DORA requirements for ICT service providers.

  • Evidence Collection: Assist with audit activities by collecting and validating evidence from
    stakeholders (IT, HR, Engineering). Ensure evidence is accurate, complete, and mapped to the
    relevant controls (e.g., NIST 800-53, ISO 27001).

  • Support periodic internal reviews (mock audits) to identify non-compliance issues. Document
    findings and work with control owners to implement remediation solutions.

  • Assist with the development and annual review of policies, standards, procedures, and
    guidelines.

  • Maintain Security Confluence pages and ensure they are kept up to date with relevant
    information

  • Assist with the design and operational execution of employee training curricula required for
    GRC/compliance requirements

  • Support the response to customer security questionnaires, RFPs, and inquiries about our
    Security & Compliance program.

  • Support ongoing activities related to Paysend DORA compliance.

What You’ll Need To Be Successful In This Role:

  • Bachelor's degree in IT, Cybersecurity, Business, or equivalent experience.

  • 3-5 years working in GRC, IT Audit, or TPRM roles.

  • Familiarity with at least two of the following cybersecurity frameworks or regulations:
    ISO 27001, PCI-DSS, SOC 2 Type II, NIST CSF and/or DORA.

  • Experience drafting and revising global cybersecurity policies and standards.

  • Team player and motivated self-starter who is resourceful and has the ability to work
    collaboratively with multiple stakeholders across different products, business lines, and regions

  • Excellent written communication skills with the ability to document, communicate, and report
    on cybersecurity risks as well as the status of the implementation and effectiveness of
    cybersecurity controls with product and business leaders

  • Excellent verbal communication skills with the ability to translate complex technical concepts
    into business language

  • Excellent command of the English language (written and spoken)

Nice To Have:

  • Basic understanding of cloud infrastructure (AWS/Azure) to better evaluate cloud vendors.

  • Hands-on experience configuring workflows in ServiceNow Vendor Risk Management, Vanta,
    Drata, or OneTrust.

Why Join Paysend?

  • Make a Global Impact: Directly impact millions of users worldwide

  • Accelerate Your Career: Benefit from internal mobility, mentoring programs, and continuous learning opportunities

  • Thrive in a Connected, Global Organization: Collaborate with colleagues across our international hubs and more

  • Embrace a Principle-Driven & Focused Culture: Work in an organization guided by strong principles and values that actually help you achieve more than you thought possible

  • Enjoy Competitive Compensation and Benefits: Receive a competitive salary, benefits, and flexible work arrangements

About the job

  • Job type: Full Time

  • Experience level: Mid-level

  • Education: Bachelor degree

  • Experience: 3 years minimum (experience accepted in place of education)

  • Hiring timezones: United States +/- 0 hours