Security GRC Lead at Wise

Job Description

We are looking for an experienced GRC Lead to join our Security Team.

As the Security GRC Lead, you will own our Security GRC services. This is a pivotal role that sits at the intersection of security, engineering, group and regional operations.

You will manage two distinct pillars: GRC Operations, and our Regional Information Security Officer Team. You will also provide guidance and leadership to our first line Security Controls Testing team.

With teams distributed across Wise’s international engineering hubs and key locations, you will be responsible for our security trust programme, ensuring our regulatory and partner obligations are understood, and managed in line with Wise engineering and operations practices.

Key responsibilities:

• Team Leadership:

Lead and mentor a multidisciplinary, international team. You will be responsible for setting clear objectives, managing performance, and fostering a culture of technical excellence.

• Regulatory and Audit Engagement:

Act as a contact point for regulators and auditors for matters relating to information security and technology risk. You will ensure that our regulatory obligations are understood and mapped to our control framework, and ensure that we are ready for audits and inspections.

• Controls Assurance:

Provide oversight and support to the Controls Testing team as we build out the function to meet our growing obligations, and move towards a data-driven, continuous assurance model.

• Risk Management:

Own our security risk management processes, integrating with enterprise risk management processes and collaborating closely with our 2LoD Technology Risk team.

• Regional Strategy:

Support the Regional ISO team to navigate local regulatory requirements while maintaining a consistent global security posture.

About You

We are looking for someone who has a deep understanding of the financial services industry, and a track record of managing security in a high-growth environment.

• You have managed international teams and are comfortable working across different timezones and cultural contexts.

• You have hands-on experience working in Cloud Native technology environments.

• You have broad knowledge of international information security frameworks (e.g. ISO27001, NIST CSF, PCI-DSS) and international technology risk regulations (e.g. DORA, NYDFS 500, CPS234).

• You have experience of working directly with international regulators.

• You are an excellent communicator with strong stakeholder management skills.

• You hold an internationally recognised security certification (CISSP, CISM, MCIIS etc.)

For everyone, everywhere. We're people building money without borders — without judgement or prejudice, too. We believe teams are strongest when they are diverse, equitable and inclusive.

We're proud to have a truly international team, and we celebrate our differences.
Inclusive teams help us live our values and make sure every Wiser feels respected, empowered to contribute towards our mission and able to progress in their careers.

If you want to find out more about what it's like to work at Wise visit Wise.Jobs.

Keep up to date with life at Wise by following us on LinkedIn and Instagram.

Wise is a global technology company, building the best way to move and manage the world’s money.
Min fees. Max ease. Full speed.

Whether people and businesses are sending money to another country, spending abroad, or making and receiving international payments, Wise is on a mission to make their lives easier and save them money.

As part of our team, you will be helping us create an entirely new network for the world's money.
For everyone, everywhere.

More about

[our mission](https: //wise.jobs/our-mission) and

[what we offer](https: //wise.jobs/what-we-offer).