GRC Specialist (Security)

Airwallex-posted 7 days ago
Full-time • Mid Level
San Francisco, CA
1,001-5,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 200,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale. Proudly founded in Melbourne, we have a team of over 2,000 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$8 billion and backed by world-leading investors including T. Rowe Price, Visa, Mastercard, Robinhood Ventures, Sequoia, Salesforce Ventures, DST Global, and Lone Pine Capital, Airwallex is leading the charge in building the global payments and financial platform of the future. If you’re ready to do the most ambitious work of your career, join us. As an INFOSEC Governance Risk and Compliance Specialist here at Airwallex, you will be a trusted member of the Information Security team. Reporting to the INFOSEC GRC Manager, this role will see you becoming a critical part of Airwallex’s global mission, helping to proactively identify and mitigate information security risks to the organisation, as well as designing and implementing policies and procedures that are innovative, challenging the traditional norms of the industry. You’ll work closely with Legal, Engineering, and senior leadership regarding international regulatory compliance, data privacy and other aspects of risk and data governance. The INFOSEC GRC and Engineering teams work closely together and often collaborate directly, so engineering experience of any kind will serve you well, and this role would be best suited for someone with a software development or IT engineering background, who has moved into the world of information security compliance. This is a dynamic and autonomous role. It requires independent thinking, with experience in project management and robust design, but without being tied up in traditional solutions and methodologies. An ideal candidate will see compliance as a challenge to iterate on, rather than a box to be checked. This role requires a professional or native level of Portuguese language skills.

  • Manage the body of security controls and documentation, executing them to a high standard while refining and iterating.
  • Implement automation and monitoring information security controls, exceptions, risks, and testing
  • Implement an innovative security risk program that aligns to regulatory requirements, ensuring documented and sustainable risk management.
  • Develop and maintain security standards and policies, reporting metrics, dashboards, and evidence artefacts to support both internal and external stakeholders
  • Develop resources to help non-technical employees understand information security and compliance requirements.
  • Partner with other Airwallex teams to build collaboration, and establish shared responsibilities and resources for security, data protection and governance, risk management, and privacy.
  • Deep knowledge of relevant compliance, regulatory and control frameworks including PCI-DSS, ISO 27001, SOC2 and similar standards. You should have been involved in at least one completed security audit, and be intimately familiar with their flow.
  • Working knowledge of technology policy creation and maintenance, especially in the context of security. Some experience with tuning policies to meet complex regulatory requirements.
  • A strong familiarity with Information Security concepts, practices, and solutions; you might have a technical background yourself, or just have spent a lot of time working closely with engineering teams. Regardless, tech doesn’t scare you and you can speak the language fluently.
  • A working understanding of complex cloud environments and the way they impact modern security and compliance operations.
  • An understanding of financial services or payments, especially prior work experience with the fintech industry.
  • A passion for solving the complex challenges of high-growth startups, and for thinking creatively about ‘solved’ problems.
  • A Professional or native level of Portuguese language skills.
  • An industry-leading security degree or certification is highly desired. Examples include a BS or MS in Cybersecurity; or a CISSP, CEH, CISA, etc.
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service