GRC Manager

GSCF | www.gscf.com

GSCF is the leading global provider of working capital solutions. The company empowers companies and their financial institution partners to accelerate growth, unlock liquidity and manage the risk and complexity of the end-to-end working capital cycle. GSCF’s innovative Working Capital-as-a-Service offering combines the power of an end-to-end connected capital technology platform with expert managed services and alternative capital solutions.

GSCF’s team of working capital experts operates in over 75 countries, offering a truly global and holistic perspective to solve working capital efficiency challenges.

Visit http://www.gscf.com to learn more.

The Role:

Protecting sensitive financial data and transactions across international borders requires staying ahead of sophisticated cyber threats and compliance regulations. This role offers the opportunity to engage with cutting-edge security solutions, collaborate with experts worldwide, and contribute to safeguarding the financial infrastructure on a global scale.

We are seeking an experienced Information Security GRC Manager to lead and enhance our organization's security posture. This role is responsible for developing and implementing security governance frameworks, risk management programs, control processes, and security policies. The ideal candidate will focus on preparing for and operating within the ISO 27001, DORA, NIS2 and vendor security risk assessment domains, while driving initiatives to strengthen cyber resilience through proactive risk assessments, external and internal audits, and continuous process improvements.

How You Will Make an Impact: 

• Maintain an enterprise-wide information security governance & ISMS framework that aligns with business objectives, regulatory requirements, and industry best practices. 

• Lead strategic planning initiatives for security risk management, ensuring alignment with ISO 27001, NIS2 and DORA requirements. 

• Design, implement, and manage security risk management framework that includes risk assessments, control evaluations, and mitigation strategies. 

• Oversee and continuously improve the processes for vendor security risk assessments, ensuring third-party risks are effectively managed. 

• Develop and monitor key risk indicators (KRIs) and performance metrics to evaluate the effectiveness of security controls and risk mitigation efforts. 

• Oversee the development, implementation, and ongoing management of the organization’s security policies. 

• Prepare and lead the organization’s readiness for external and internal security audits, including ISO 27001 certification audits and NIS2 & DORA compliance assessments. 

What You Bring to the Team:

• At least 3 years of experience in GRC, information security risk management or security compliance roles.
• Demonstrated experience with ISO 27001 implementation, security audits, and vendor security risk assessments.
• University/college degree in a relevant professional field.
• Excellent communication skills in English, both written and spoken.

*Please note: Internally, this position is referred to as Manager, Governance, Risk, & Control.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, sexual orientation, national origin, or any other category protected by law.