GRC Engineer Platform Team

Taktile


Job Location:

Berlin - Germany

Monthly Salary: Not Disclosed
Posted on: 1 hour ago
Vacancies: 1 Vacancy

Department:

Engineering

Job Summary

About the Role

Taktile empowers financial institutions to transform into truly AI-native organizations. Were growing rapidly with enterprise customers across banks and insurance companies and were looking for a GRC Engineer.

Operating in highly regulated markets means trust isnt a feature for us its the foundation of every customer relationship. As we scale into larger enterprise and fintech accounts a strong demonstrable security and compliance posture is what lets us win and keep that trust.

As our GRC Engineer on the Platform Team youll own the controls evidence and processes that keep Taktile secure compliant and continuously audit-ready. Youll be the engineering-minded backbone of our compliance program turning frameworks like SOC 2 ISO 27001 GDPR and the EU AI Act into automated continuously-monitored controls rather than one-off point-in-time checklists.

This is a cross-functional high-leverage role. Youll partner with Security Engineering Product and IT to close the gap between policy and control implementation and with Sales Legal Support and Leadership to make compliance a competitive advantage rather than a bottleneck.

The ideal candidate pairs deep framework knowledge with the technical ability to automate it; fielding a complex customer security questionnaire in the morning and scripting AWS evidence collection in the afternoon.

What youll do

  • Own continuous compliance end-to-end ; SOC 2 ISO 27001 and customer security reviews keeping us audit-ready year-round rather than scrambling at renewal time.

  • Manage and evolve the compliance roadmap prioritizing initiatives against business and customer needs; own Vanta end-to-end including tasks documentation integrations and automated evidence collection.

  • Lead quarterly access reviews across all systems in collaboration with IT and Engineering ensuring findings are tracked through to remediation.

  • Run vendor risk reviews and DPIAs for new tools (especially AI tooling) and help teams adopt new software quickly without compromising our risk posture.

  • Serve as the technical voice on customer security questionnaires and DPAs working alongside Sales and Legal to keep deals moving.

  • Define and report compliance and risk KPIs to leadership giving them a clear ongoing view of our posture and where investment is needed.

  • Partner with the Security Architect to identify and close gaps between written policy and actual control implementation.

Requirements

  • 4 years in GRC security compliance or audit readiness at a SaaS company ideally in a regulated environment (Finance Insurance Healthcare).

  • Has owned a SOC 2 program end-to-end (must-have) ideally ISO 27001 too from gap analysis through audit and maintenance; familiar with GDPR PCI DSS and the EU AI Act.

  • Deep experience running Vanta (or Drata/Secureframe) as a continuous compliance backbone not a point-in-time checklist.

  • Technically hands-on: comfortable scripting against AWS APIs to automate evidence collection with a solid grasp of software development and security concepts.

  • A strong writer and communicator who can turn around a 200-row security questionnaire quickly and accurately and translate fluently between compliance and technical teams.

Ideal but not required

  • Experience with customer trust programs (Trust Center FAQs security whitepapers).

  • DORA / EU AI Act / fintech regulatory exposure.

  • Has shipped engineering-led automation (not just dashboards).

  • Familiarity with NIST CSF CIS Controls or GDPR/DPAs.

What We Offer

  • Work with colleagues that lift you up challenge you celebrate you and help you grow. We come from many different backgrounds but what we have in common is the desire to operate at the very top of our fields. If you are similarly capable caring and driven youll find yourself at home here.

  • Make an impact and meaningfully shape an early-stage company.

  • Experience a truly flat hierarchy and communicate directly with founding team members. Having an opinion and voicing your ideas is not only welcome but encouraged especially when they challenge the status quo.

  • Learn from experienced mentors and achieve tremendous personal and professional growth. Get to know and leverage our network of leading tech investors and advisors around the globe.

  • Receive a top-of-market equity and cash compensation package.

  • Get access to a self-development budget you can use to e.g. attend conferences buy books or take classes.

  • Use the equipment of your choice including meaningful home office set-up.

Our Stance

  • Were eager to meet talented and driven candidates regardless of whether they tick all the boxes. Were looking for someone who will add to our culture not just fit within it. We strongly encourage individuals from groups traditionally underestimated and underrepresented in tech to apply.

  • We seek to actively recognize and combat racism sexism ableism and ageism. We embrace and support all gender identities and expressions and celebrate love in its many forms. We wont inquire about how you identify or if youve experienced discrimination but if you want to tell your story we are all ears.

About Us

Taktile enables financial institutions to transform into AI-native organizations that are increasingly powered by autonomous agents. With our modular Agentic Decision Platform customers combine AI agents rules relevant context and human oversight to safely automate and optimize their decisions-approving more customers reimbursing claims instantly stopping fraud before it spreads and financing every business worth funding. Founded in 2020 Taktile powers millions of decisions daily for institutions including Mercury Monzo Faire and Pleo. With offices in New York Berlin London São Paulo and Iași the company has raised $184M from Growth Equity at Goldman Sachs Alternatives Index Ventures Tiger Global Balderton Capital and Y Combinator. Learn more at .

About Your Employment. Taktile operates through regional entities worldwide. Depending on the location of this role your employment or engagement will be with Taktile LLC (US) Taktile GmbH (Germany) Taktile Ltd (UK) or Taktile SRL (Romania). The applicable entity will be confirmed during the offer process.

Your Privacy. Taktile (we or us) is the controller of the personal data you provide during this

application process. We collect and process your name contact details resume/CV work history education and any other information you submit or that we obtain from publicly available sources or references.

How we use your data: We process your personal data to evaluate your candidacy communicate with you about the recruitment process comply with legal obligations (such as right-to-work verification) and with your consent to consider you for future opportunities.

Legal basis (EU/UK applicants): We rely on (i) pre-contractual steps at your request (GDPR/UK GDPR Art.6(1)(b)) (ii) legal obligations (Art. 6(1)(c)) and (iii) our legitimate interest in evaluating candidates (Art.6(1)(f)).

Retention: If your application is unsuccessful we retain your data for 12 months after the recruitment process concludes unless you consent to longer retention. Successful candidates data becomes part of their employment records.

Your rights: Depending on your location you may have the right to access correct delete or restrict the processing of your personal data to data portability and to withdraw consent.

Automated decision-making: We use automated tools to assist in screening applications. No hiring decision is made solely by automated means without human review.

International transfers: Your data may be transferred to and processed in the United States Germany the United Kingdom or Romania. Where required transfers are protected by Standard Contractual Clauses or other approved mechanisms.

By submitting your application you acknowledge that you have read and understood Taktiles Applicant Privacy Policy. To exercise your rights or ask questions contact


Required Experience:

IC

About the RoleTaktile empowers financial institutions to transform into truly AI-native organizations. Were growing rapidly with enterprise customers across banks and insurance companies and were looking for a GRC Engineer.Operating in highly regulated markets means trust isnt a feature for us its t...