Security GRC Lead

Job Description

We are looking for an experienced GRC Lead to join our Security Team.

As the Security GRC Lead you will own our Security GRC services. This is a pivotal role that sits at the intersection of security engineering group and regional operations.

You will manage two distinct pillars: GRC Operations and our Regional Information Security Officer Team. You will also provide guidance and leadership to our first line Security Controls Testing team. 

With teams distributed across Wises international engineering hubs and key locations you will be responsible for our security trust programme ensuring our regulatory and partner obligations are understood and managed in line with Wise engineering and operations practices.

Key responsibilities:

• Team Leadership: Lead and mentor a multidisciplinary international team. You will be responsible for setting clear objectives managing performance and fostering a culture of technical excellence.

• Regulatory and Audit Engagement: Act as a contact point for regulators and auditors for matters relating to information security and technology risk. You will ensure that our regulatory obligations are understood and mapped to our control framework and ensure that we are ready for audits and inspections.

• Controls Assurance: Provide oversight and support to the Controls Testing team as we build out the function to meet our growing obligations and move towards a data-driven continuous assurance model. 

• Risk Management: Own our security risk management processes integrating with enterprise risk management processes and collaborating closely with our 2LoD Technology Risk team.

• Regional Strategy: Support the Regional ISO team to navigate local regulatory requirements while maintaining a consistent global security posture. 

About You

We are looking for someone who has a deep understanding of the financial services industry and a track record of managing security in a high-growth environment.

• You have managed international teams and are comfortable working across different timezones and cultural contexts.

• You have hands-on experience working in Cloud Native technology environments.

• You have broad knowledge of international information security frameworks (e.g. ISO27001 NIST CSF PCI-DSS) and international technology risk regulations (e.g. DORA NYDFS 500 CPS234).

• You have experience of working directly with international regulators.

• You are an excellent communicator with strong stakeholder management skills.

• You hold an internationally recognised security certification (CISSP CISM MCIIS etc.)

Additional Information :

For everyone everywhere. Were people building money without borders  without judgement or prejudice too. We believe teams are strongest when they are diverse equitable and inclusive.

Were proud to have a truly international team and we celebrate our differences.
Inclusive teams help us live our values and make sure every Wiser feels respected empowered to contribute towards our mission and able to progress in their careers.

If you want to find out more about what its like to work at Wise visit .

Keep up to date with life at Wise by following us on LinkedIn and Instagram.

Remote Work :

No

Employment Type :

Full-time