yandex
P
primer.io
Страна
Польша
+500% приглашений

Откликайтесь
на вакансии с ИИ

Ускорим процесс поиска работы
УдалённоПолная занятость

GRC Analyst

ИИОценка ИИ

Отличная вакансия в топовом финтех-стартапе с мировыми инвесторами. Полная удаленка, опционы и фокус на современные технологии делают это предложение крайне привлекательным для GRC-специалиста.


Вакансия из Quick Offer Global, списка международных компаний
Пожаловаться

Сложность вакансии

ЛегкоСложно
ИИОценка ИИ

Роль требует глубоких знаний специфических регуляций (PCI DSS, DORA, NIS2) и опыта работы в финтехе. Высокая ответственность за аудит и комплаенс в быстрорастущем стартапе повышает планку ожиданий.

Анализ зарплаты

Медиана5 800 €
Рынок4 200 € – 7 500 €
ИИОценка ИИ

Зарплата в объявлении не указана, но для GRC-специалиста уровня Middle в Польше рыночный диапазон составляет от 4500 до 7000 евро в месяц. Учитывая статус компании и наличие опционов, совокупный доход может быть выше среднего по рынку.

Сопроводительное письмо

I am writing to express my strong interest in the GRC Analyst position at Primer. With over 4 years of experience in information security governance and a proven track record of managing complex compliance frameworks like PCI DSS and SOC 2, I am confident in my ability to take ownership of your GRC program. My background in fintech environments has taught me that compliance is not just a yearly check-box exercise but a continuous operational rhythm that supports business growth and customer trust.

In my previous roles, I have successfully automated evidence collection processes and managed extensive security questionnaires, which aligns perfectly with your need for 'Audit Readiness & Evidence Operations.' I am particularly excited about Primer's mission to simplify global payments and would welcome the opportunity to apply my expertise in EU regulatory frameworks, including DORA and NIS2, to help the company stay ahead of evolving requirements. I am a proactive communicator who thrives in remote, engineering-led organizations and am eager to contribute to your team's success.

+250% к просмотрам

Составьте идеальное письмо к вакансии с ИИ-агентом

Составьте идеальное письмо к вакансии с ИИ-агентом

Откликнитесь в primer.io уже сейчас

Присоединяйтесь к Primer и станьте ключевым звеном в обеспечении безопасности ведущей платежной инфраструктуры мира!

Описание вакансии

An Introduction to Primer

We’re the world's first unified payment infrastructure, empowering businesses worldwide to unleash their payment potential. By choosing our platform, merchants can take control over their payment stack, create unique commerce experiences, accelerate their roadmap and increase payment success. We strive to make something complex, incredibly simple and intuitive. The world's top investors, including Accel, Balderton, Iconiq, and Tencent, have invested in Primer's vision to rebuild payments and commerce from the ground up.

Join us in shaping the future of payments and commerce.

About the Role

We're looking for a GRC Analyst to take ownership of our Governance, Risk & Compliance program. As our regulatory footprint and customer trust requirements have grown, we're investing in a dedicated GRC function to ensure we maintain a strong, continuous compliance posture.

This is a mid-level, individual contributor role reporting into the engineering/security organisation. You'll partner closely with engineers as subject-matter experts while owning the day-to-day execution and operational rhythm of GRC across the business.

What You'll Own

Audit Readiness & Evidence Operations

Maintain a year-round evidence calendar, run continuous control monitoring, and coordinate with external auditors.

External Trust Requests

Own inbound security questionnaires, vendor assessments, and RFP responses. Maintain a response library so we can turn these around quickly and consistently, keeping deals and procurement moving.

Framework-Driven Programs

Coordinate risk assessments, partner on security awareness and training programs, and govern vulnerability management processes. With obligations spanning PCI DSS, DORA, NIS2, and the EU AI Act, you'll help us stay ahead of evolving requirements.

Policy Lifecycle Management

Maintain policies, manage exceptions, monitor for violations, and drive remediation follow-through. You'll be the single point of accountability for keeping our policy framework current and enforceable.

Certification & Expansion

Drive future certification efforts, including ISO 27001, and support the operationalisation of new regulatory frameworks as they come into scope.

What We're Looking For

Experience

  • 3–5 years in a GRC, compliance, or information security governance role
  • Hands-on experience coordinating external audits (SOC 2, PCI DSS, ISO 27001, or similar)
  • Familiarity with EU regulatory frameworks such as GDPR, DORA, NIS2, and the EU AI Act
  • Experience managing vendor risk assessments and third-party due diligence
  • Track record of maintaining evidence and controls on a continuous (not just annual) basis

Skills & Qualities

  • Strong organisational skills
  • Clear, concise communicator who can work across engineering, legal, and leadership teams
  • Comfortable working with compliance tooling and GRC platforms (e.g., Vanta, Drata, OneTrust, or similar)
  • Detail-oriented with a bias for proactive, systematic work over reactive cleanup
  • Able to operate independently while knowing when to pull in subject-matter experts

Nice to Have

  • Familiarity with IAM processes and access review cycles
  • Relevant certifications (CISA, CRISC, ISO 27001 Lead Implementer, or similar)
  • Experience in a payments, fintech, or regulated technology environment, particularly with PCI DSS compliance

What’s life like at Primer?

We’ve been recognised as a top global employer, #1 in FinTech for ‘flexibility’!

We’re building a culture where people can come and do their best work and enjoy it. We want our people to be proud of the impact that they have at Primer, and of the work that they are doing. You will be working with a team of people who are mission-driven, smart, and reflective, and who are invested in building exceptional products and delivering success for our merchants (and we also know how to have fun along the way).

We work remotely. We believe that building a successful, profitable company goes beyond proximity. We invest in our relationships with each other through great remote working practices and thoughtfully designed face-to-face time together. Our heads-together time comes in the form of workstations, our annual company retreat, and co-working space access worldwide.

Finally, let’s go ahead and say it. The work that we do is challenging. Startups are a challenge, building category defining products is a challenge. You should be prepared for a challenge at Primer. But, there’s a big difference between a challenge and a struggle. The key difference is that the right challenge comes with the right support structures, an acceptance that not everything always goes to plan, a collaborative environment, and a great team around you. It’s never a challenge that you will face alone.

Our benefits

🌍 We are fully remote and globally distributed; and have been since day one

💰 Competitive share options

🌴 Uncapped holiday, with 25 days minimum to be taken

🗣️ Co-working space access

📅 Workations & Company Retreat

💻 The best equipment for your role

🏠 £500 towards your home office setup

🔎 Generous learning budget

🏥 Private Medical Insurance

📈 A broad set of additional perks and benefits (depending on location)

Don’t meet every single requirement?

At Primer, we’re dedicated to building a diverse, inclusive, and authentic workplace. If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply. You may be the right candidate for this or other roles. Primer is committed to the equal treatment of all current and prospective employees, regardless of background or beliefs.

Primer adopts a zero-tolerance approach to discrimination. We are committed to providing equal opportunities to all current and prospective employees regardless of age, disability, sex, sexual orientation, pregnancy and maternity, race or ethnicity, religion or belief, gender identity, or marriage and civil partnership.

+400% к собеседованиям

Создайте идеальное резюме с помощью ИИ-агента

Создайте идеальное резюме с помощью ИИ-агента

Навыки

  • GRC
  • PCI DSS
  • ISO 27001
  • SOC 2
  • GDPR
  • DORA
  • NIS2
  • Risk Assessment
  • Vanta
  • Drata
  • OneTrust
  • Vulnerability Management
  • IAM

Возможные вопросы на собеседовании

Проверка практического опыта работы с ключевым стандартом для платежных систем.

Расскажите о вашем опыте подготовки организации к аудиту PCI DSS. С какими основными трудностями вы столкнулись?

Оценка способности кандидата работать с современными требованиями ЕС.

Как вы планируете интегрировать требования DORA и NIS2 в текущую систему управления рисками компании?

Проверка навыков взаимодействия с техническими командами.

Как вы убеждаете инженеров соблюдать политики безопасности, если они считают их избыточными или замедляющими разработку?

Оценка опыта работы с инструментами автоматизации GRC.

Был ли у вас опыт работы с платформами вроде Vanta или Drata? Как автоматизация изменила ваш подход к сбору доказательств (evidence collection)?

Проверка навыков управления рисками цепочки поставок.

Опишите ваш процесс оценки рисков сторонних поставщиков (vendor risk assessment). На что вы обращаете внимание в первую очередь?

Похожие вакансии

H
HuntTech
217 000 ₽ – 268 000 ₽

ИБ-специалист (Senior)

SeniorУдалённо
SoC · EDR · HIPS · Firewalls · Network Segmentation · Vulnerability Management · GLPI · 2FA · Encryption · MDM · Positive Technologies Vulnerability Management · Efros DefOps
+12 навыков
E
EVOSTAFF
190 000 ₽

Аналитик по информационной безопасности (не appsec)

MiddleУдалённо
Kubernetes · Unix · Keycloak · Linux · Windows · Information Security · PCI DSS · Network Security · Microservices
+9 навыков
T
TopSelection
350 000 ₽ – 400 000 ₽

AppSec Engineer (Middle+/Senior)

SeniorУдалённо
Application Security · Penetration Testing · Code Review · Burp Suite · DAST · SAST · SCA · Threat Modeling · OWASP Top 10 · SDLC
+10 навыков
Т
Тензор
154 000 ₽ – 216 000 ₽

Инженер по информационной безопасности

Удалённо
Python · Node.js · C++ · SAST · Application Security · OWASP Top 10 · CWE Top 25 · OWASP ASVS · Web Application Security
+9 навыков
Г
ГНИВЦ
400 000 ₽ – 450 000 ₽

Архитектор ИБ

Удалённо
IAM · IDM · OAuth2 · OpenID Connect · SAML · JWT · JWS · JWE · MFA · WebAuthn · FIDO2 · AppSec · OWASP Top 10 · OWASP ASVS · Zero Trust · Cryptography · Microservices · API Security
+18 навыков
Ц
Циан
360 000 ₽ – 430 000 ₽

Senior InfraSec engineer

SeniorУдалённо
Cloud Security · Network Security · IAM · PAM · Hardening · Vulnerability Management · Security by Design · Kubernetes · Docker
+9 навыков
более 1000 офферов получено
4.9

1000+ офферов получено

Устали искать работу? Мы найдём её за вас

Quick Offer улучшит ваше резюме, подберёт лучшие вакансии и откликнется за вас. Результат — в 3 раза больше приглашений на собеседования и никакой рутины!

P
primer.io
Польша