CrawlJobs Logo

Grc Specialist

United States, San Francisco 150000.00 - 200000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As a Governance Risk and Compliance Specialist here at Airwallex, you will be a trusted member of the Information Security team. Reporting to the InfoSec GRC Manager, this role will see you becoming a critical part of Airwallex’s global mission, helping to proactively identify and mitigate information security risks to the organisation, as well as designing and implementing policies and procedures that are innovative, challenging the traditional norms of the industry. You’ll work closely with Legal, Engineering, and senior leadership regarding international regulatory compliance, data privacy and other aspects of risk and data governance.

Job Responsibility

  • Manage the body of security controls and documentation
  • Implement automation and monitoring information security controls, exceptions, risks, and testing
  • Implement an innovative security risk program that aligns to regulatory requirements
  • Develop and maintain security standards and policies, reporting metrics, dashboards, and evidence artefacts
  • Develop resources to help non-technical employees understand information security and compliance requirements
  • Partner with other Airwallex teams to build collaboration, and establish shared responsibilities and resources for security, data protection and governance, risk management, and privacy

Requirements

  • Deep knowledge of relevant compliance, regulatory and control frameworks including PCI-DSS, ISO 27001, SOC2 and similar standards
  • Involved in at least one completed security audit
  • Working knowledge of technology policy creation and maintenance
  • A strong familiarity with Information Security concepts, practices, and solutions
  • A working understanding of complex cloud environments
  • An understanding of financial services or payments, especially prior work experience with the fintech industry
  • A passion for solving the complex challenges of high-growth startups
  • An industry-leading security degree or certification is highly desired (e.g., BS or MS in Cybersecurity
  • or a CISSP, CEH, CISA)
  • Professional or native level of Portuguese language skills

Nice to have

  • Engineering experience of any kind
  • Software development or IT background
  • Experience in project management and robust design

What we offer

  • Offers Equity
  • Offers Bonus
  • Medical, dental, and vision insurance
  • 401(k) plan
  • Short-term and long-term disability
  • Basic life insurance
  • Well-being benefits
  • 20 paid days of vacation
  • 12 paid days of company holidays

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Grc Specialist

8 matching positions

GRC Specialist

Location
Location
United States , Austin
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of demonstrated experience in compliance, risk, or governance-related roles within an IT or security environment
  • Working knowledge of audit support for information systems and common compliance assessment practices
  • Familiarity with vendor due diligence and third-party security review processes
  • Ability to manage documentation carefully, including evidence collection and portal submissions
  • Experience contributing to policy and procedure updates in regulated or compliance-focused settings
  • Strong attention to detail with the ability to handle multiple priorities across concurrent audit activities
  • Understanding of Governance, Risk, and Compliance (GRC) concepts and supporting eGRC-related processes (ISO, SOC 2, FedRAMP, CMMC)
Job Responsibility
Job Responsibility
  • Conduct vendor security reviews using established assessment frameworks and document findings clearly
  • Prepare, organize, and submit audit evidence through designated customer and compliance portals
  • Assist with a range of compliance examinations by tracking requests, gathering materials, and supporting follow-up actions
  • Update draft policies and procedures to reflect current control expectations and business needs
  • Review customer security questionnaires for completeness and accuracy before internal spot-checks
  • Analyze compliance-related workflows to uncover duplicate efforts and recommend practical process improvements
  • Partner with internal stakeholders to maintain organized records that support governance and audit readiness
What we offer
What we offer
  • Medical, vision, dental, and life and disability insurance
  • Enrollment in company 401(k) plan
  • Fulltime
Read More
Arrow Right

Grc Specialist

We are looking for a GRC Specialist to support governance and operational docume...
Location
Location
United States , San Antonio
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience documenting business processes, operational workflows, and control activities in governance, risk, or compliance-focused environments
  • Strong capability in data analysis, business intelligence, and translating findings into actionable documentation
  • Proficiency with Microsoft SQL for querying and validating operational or governance-related data
  • Working knowledge of BusinessObjects technologies and their use in reporting or analytical environments
  • Familiarity with Erwin data tools or comparable data modeling and metadata management platforms
  • Ability to lead structured discussions with cross-functional stakeholders and gather accurate process details from multiple teams
  • Strong written and verbal communication skills with the ability to produce organized, thorough, and audit-ready deliverables
Job Responsibility
Job Responsibility
  • Partner with implementation, operations, support, compliance, and risk teams to capture and document end-to-end operational processes across current-state environments
  • Facilitate interviews, workshops, and discovery sessions with subject matter experts to understand systems, approvals, handoffs, and decision paths within daily operations
  • Develop process maps, workflow diagrams, and supporting narratives that present existing procedures in a clear and accessible format
  • Analyze documented activities to uncover process gaps, inconsistent execution, and manual interventions, then elevate recurring concerns to project stakeholders
  • Standardize documentation so that materials can be reused for reference, audit support, and future process optimization efforts
  • Review workflows and associated risk and control information with process owners to confirm accuracy, completeness, and alignment with actual practice
  • Communicate progress, emerging risks, and project dependencies through regular updates to leadership and key stakeholders
  • Support governance and data-focused analysis by interpreting operational information and connecting process documentation to broader control and reporting needs
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • company 401(k) plan
Read More
Arrow Right

GRC Specialist

We are seeking a GRC (Governance, Risk, and Compliance) Specialist to support an...
Location
Location
Canada , Toronto
Salary
Salary:
130000.00 USD / Year
realign-llc.com Logo
Realign
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong experience in Governance, Risk, and Compliance (GRC)
  • Knowledge of risk management frameworks and compliance standards
  • Experience conducting risk assessments and audits
  • Familiarity with IT security, compliance, and regulatory requirements
  • Strong analytical and documentation skills
  • Good communication and stakeholder management abilities
Job Responsibility
Job Responsibility
  • Implement and maintain GRC frameworks, policies, and procedures
  • Conduct risk assessments and compliance audits across systems and processes
  • Ensure adherence to industry standards and regulatory requirements
  • Identify, evaluate, and mitigate security and operational risks
  • Work with IT and business teams to ensure compliance with internal and external policies
  • Prepare risk reports, compliance documentation, and audit evidence
  • Support internal and external audit activities
  • Assist in improving governance and risk management processes
  • Fulltime
Read More
Arrow Right

Grc Specialist Senior

The GRC Specialist Senior is responsible for conducting security assessments, co...
Location
Location
United States , Coral Gables
Salary
Salary:
Not provided
citynational.com Logo
City National Bank of WV
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7 years of of applied work experience in cyber security compliance management, cyber security programs, data engineering, analytics or integration, audits, assessments, risk and remediation
  • Knowledge of AI concepts (LLMs, prompt design, limitations, hallucinations, etc.)
  • Knowledge of information security management, governance, and compliance principles, practices, laws, rules, regulations, and frameworks such as GLBA, FFIEC, and NIST
  • Knowledge of IT systems and processes, network infrastructure, data architecture, and protocols
  • Skill in applying cyber and cloud security frameworks, architecture, design, operations, controls, and service orchestration
  • Proficiency in Microsoft Office products (Word, Excel, PowerPoint)
  • Ability to develop and implement enterprise governance, risk, and compliance strategies and solutions
  • Ability to research and locate information related to internal and external organizations using online and other sources
  • Skill in security project management and planning
  • Ability to maintain confidentiality and handle sensitive information appropriately
Job Responsibility
Job Responsibility
  • Coordinate risk and control self-assessments with IT and cybersecurity subject matter experts and enterprise risk management team
  • Conduct control testing and document results to identify potential gaps in control design and/or control operating effectiveness
  • Collaborate with GRC, engineering, SecOps, IT operations, and BCP teams to define requirements and ensure scalable, secure, and maintainable AI-driven automation solutions
  • Identify opportunities to develop automated solutions using Microsoft Copilot, Power Automate, or another approved automation tool
  • Develop and maintain cybersecurity and IT policies, standards, procedures, program metrics and help develop automated compliance reports and risk metrics for executive leadership, to improve decision-making and reduce operational risk
  • Coordinate work assignments with process owners, control owners, external auditors, and consultants, ensuring issues are documented, monitored, and resolved
  • Advise internal stakeholders on internal control design for ongoing risk mitigation of information systems based on regulatory requirements and best practices
  • Communicate security issues and risks effectively to diverse audiences and ensure compliance with applicable controls based on a unified framework
  • Identify and correct process gaps proactively, recommending improvements to advance the Bank’s information security program maturity in alignment with company goals
  • Guide program leaders on risk remediation efforts, ensuring adequacy of response and timeliness based on risk severity
What we offer
What we offer
  • Medical, dental, and vision plans with employer contributions
  • 401(k) with matching
  • Generous PTO and paid holidays
  • Access to mental health and financial wellness resources
  • Tuition Reimbursement
  • Flex Time
  • Fulltime
Read More
Arrow Right

Information Security GRC Specialist

As Information Security GRC Specialist (f/m/d) you will own and drive Awin's glo...
Location
Location
Germany; Spain; Poland; United Kingdom; Italy; Romania; Sweden; France , Berlin; Munich; Madrid; Warsaw; London; Milan; Iași; Stockholm; Paris
Salary
Salary:
Not provided
awin.com Logo
Awin Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven track record of owning and delivering risk management initiatives end-to-end
  • Experience driving risk remediation across teams without direct authority
  • Strong experience presenting and defending risk positions to senior leadership and boards
  • Hands-on experience within an ISO 27001-certified ISMS environment
  • Strong knowledge of frameworks such as ISO 27001
  • Experience designing, implementing, or improving control frameworks
  • Experience with GRC platforms (e.g. Hyperproof)
  • Confident communicator (with very good English skills) - able to build relationships and challenge/influence senior stakeholders
Job Responsibility
Job Responsibility
  • Lead enterprise-wide risk identification and assessment across strategic initiatives, technology, and third parties
  • Drive risk remediation to closure, holding risk owners accountable for delivery
  • Own and maintain the Information Security Risk Register
  • Define, embed, and maintain the organisation's risk appetite
  • Provide clear, opinionated, and actionable risk insights to senior management and the board
  • Confidently challenge and influence stakeholders to ensure risks are neither understated nor inappropriately accepted
  • Own and continuously improve Awin's global information security risk management framework
  • Embed risk management into business processes
  • Mentor and develop GRC team members
  • Lead horizon scanning across emerging threats, regulatory changes, and industry developments
What we offer
What we offer
  • Flexi-Week and Work-Life Balance: four-day Flexi-Week at full pay and with no reduction to annual holiday allowance
  • Remote Working Allowance
  • Flexi-Office and hybrid/remote work possibilities
  • Development: training suite Awin Academy
  • Appreciation: peer-to-peer voucher program
  • Fulltime
Read More
Arrow Right

Senior Cyber GRC Specialist

As a Senior Cyber Security Specialist, you will be responsible for driving Gover...
Location
Location
Greece , Athens
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's and/ or Master's degree in Computer Science, Information Security, or a related field
  • Proven experience (typically 5+ years) in cyber security
  • Strong aptitude for staying updated with the latest cybersecurity trends and best practices
  • Effective communication skills to articulate complex technical concepts to both technical and non-technical stakeholders
  • Familiarity with relevant regulations and industry standards (i.e. ISO27001, NIST SP 800-53)
  • Capable of working collaboratively with cross-functional teams to implement and maintain robust cybersecurity measures
  • In-depth knowledge of cyber security principles, standards, and frameworks
Job Responsibility
Job Responsibility
  • Ensure Vodafone Greece complies with Group’s cyber security control framework
  • Support proper execution of the local cyber security processes
  • Support ISO 27001 certification compliance activities
  • Ensure cyber security control KPIs and relevant risk remediation actions are met
  • Support Group and Local Cyber Security Regulatory compliance activities
What we offer
What we offer
  • Award-winning work environment -certified #1 Top Employer in Greece
  • Competitive pay, bonus & remuneration package
  • Private Health & Medical Insurance
  • Hybrid way of working: a blend of remote and office-based working, including the option to work from abroad
  • Unlimited access to learning resources and trainings
  • Vodafone Parental Leave: 16 weeks of fully paid parental leave to all employees regardless of gender, sexual orientation or length of service
  • Spirit of Vodafone Day: one day each quarter dedicated to your personal development
  • Extra days off: Vodafone Day, Family Day, Volunteering Day
  • Office amenities (subject to the office location): such as restaurant, beauty corner, gym and parking
  • Special employee offers and discounts
  • Fulltime
Read More
Arrow Right

SAP Security / GRC Specialist

We are seeking high-caliber SAP professionals to support a complex SAP S/4HANA A...
Location
Location
Australia , Canberra; Sydney; Melbourne
Salary
Salary:
Not provided
finxl.com.au Logo
FinXL
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Active NV1 (Negative Vetting Level 1) clearance is mandatory
  • Strong hands-on experience in enterprise SAP environments, specifically within an AMS or Managed Services model
  • Excellent verbal and written communication skills
  • The ability to manage competing priorities in a fast-paced production support environment
Job Responsibility
Job Responsibility
  • Role 1: SAP GRC Developer: Design, configuration, and enhancement of SAP Governance, Risk, and Compliance (GRC) solutions
  • Update SAP GRC Firefighter workflow configuration to introduce timeout mechanisms
  • Lead workshops to confirm timeout requirements and prepare configuration designs
  • Configure and test workflow changes
  • Role 2: SAP Security Consultant: Operational support, access governance, role design, and remediation within SAP S/4HANA
  • Design, build, and remediate SAP roles and profiles
  • Support security for S/4HANA, including Fiori catalogues, groups, spaces, and OData/service authorizations
  • Perform security analysis and remediation for incidents, service requests, and defects
  • Support Segregation of Duties (SoD) analysis and risk remediation
  • Maintain high-quality security design documents, build guides, and support procedures
Read More
Arrow Right

Cyber Security Specialist (GRC)

As a Cyber Security Specialist, you will be integrated into the Portugal Cyber S...
Location
Location
Portugal , Lisboa
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Job Responsibility
Job Responsibility
  • Integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance
  • Contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance
  • Act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness
  • Ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities
  • Follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions
  • Report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others
What we offer
What we offer
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles
Read More
Arrow Right