🇬🇧
NewNeed a visa? This role doesn’t mention sponsorship. Explore jobs with visa sponsorship
GRC Specialist
Original Advert
Papaya Global is a rapidly growing, award-winning B2B tech unicorn with an ambitious mission to revolutionize the payroll & payments industry. With over $400M raised from multiple tier-one investors, our innovative technology provides a comprehensive solution for managing global workforces, encompassing everything from hiring and onboarding to managing and paying employees in over 160 countries.
We are seeking a GRC Specialist to join the Security group, reporting to the GRC Manager. We are looking for a team player, independent and responsible person, quick learner, who wants to work in a challenging and dynamic environment.
You will:
- Lead and manage information security compliance programs, including SOC 2 Type I/II and ISO 27001 audits, certifications, and ongoing compliance activities.
- Support the implementation and maintenance of DORA (Digital Operational Resilience Act) compliance requirements across the organization.
- Own the end-to-end process of responding to customer security questionnaires, RFPs, and third-party due diligence requests.
- Conduct risk assessments and help develop risk treatment plans to address identified gaps.
- Develop, review, and maintain information security policies, standards, procedures, and guidelines.
- Perform internal audits and gap analyses against regulatory frameworks and industry best practices.
- Collaborate with cross-functional teams (R&D, IT, Legal, Sales) to embed security and compliance practices across the organization.
- Monitor and track the remediation of identified risks and compliance gaps.
- Support vendor and third-party risk management processes, including periodic risk assessments and ongoing monitoring.
- Leverage AI-enabled tools to streamline compliance workflows, including analysis of security controls, drafting and refinement of compliance documentation, and support in audit preparation and evidence collection.
- Use AI-assisted capabilities to improve efficiency and accuracy in responding to security questionnaires, risk assessments, and regulatory documentation while maintaining strict compliance and traceability standards.
- Apply AI tools to support knowledge management, policy drafting, and cross-framework mapping (SOC 2, ISO 27001, DORA) in a controlled and auditable manner.
Application managed by Papaya Global