IT GRC Specialist – Regulated Fintech Platform

About the role

Join a leading regulated fintech entity operating under the Stripe umbrella to bridge strict European regulations with fast‑moving global engineering. As the IT GRC Specialist you will work directly with the Global CISO, ensuring the platform remains compliant, resilient, and audit‑ready.

Key responsibilities

• Maintain the IT Governance & Risk framework, including risk register, DORA implementation and control testing.
• Lead third‑party risk management activities such as vendor due diligence, SLA challenges and outsourcing oversight.
• Oversee identity and access governance, enforcing segregation of duties, least‑privilege principles and periodic user access reviews.
• Coordinate regulatory compliance and audit readiness, acting as liaison with the CSSF, managing GDPR controls and BCP/DR processes.
• Drive incident governance, including root‑cause analysis, regulator notifications and post‑incident discipline.

Required profile

• 3–6 years of experience in IT audit, IT risk, GRC or information security.
• Background in a regulated environment such as banking, fintech, payments, insurance or Big 4 IT risk advisory.
• Comfortable with ISO 27001, NIST, COBIT frameworks and European regulations like DORA and MiCA.
• Pragmatic mindset that values effective controls over paperwork.
• Fluent professional English; French is a plus.

Required skills

• ISO 27001
• NIST
• COBIT
• AWS fundamentals
• DORA
• GDPR

What we offer

• Competitive base salary €96,000–€144,000 plus equity, bonus and benefits.
• Hybrid work model with at least 50% on‑site presence in Luxembourg.
• High visibility role with real ownership and a seat at the strategic table.