Cybersecurity Governance, Risk & Compliance (GRC) Specialist

The role is about:

The Cybersecurity GRC Specialist leads the implementation of the organization's governance and compliance priorities in areas such as information security (ISO 27001), operational resilience, and financial regulations like DORA. The role ensures the effectiveness of controls, audit readiness, and the traceability of evidence across internal and outsourced environments. The GRC Specialist acts as the day-to-day authority on policy alignment, risk assessments, and supervisory documentation.

Location: Limassol, Cyprus

Reporting Line: Group Head of Digital GRC

You will:

• Maintain compliance and control frameworks aligned with ISO 27001, SOC 2, PCI DSS, GDPR, DORA, and other applicable regulatory standards.
• Maintain the corporate policy suite, ensuring version control and alignment with regulatory expectations.
• Design and enforce corporate governance policies across business units.
• Lead business process and asset risk assessments aligned to ISO 27005 and DORA risk taxonomy.
• Coordinate external audits, regulatory queries, and remediation evidence packs.
• Run internal IT and Security audits.
• Assess operational and supplier dependencies with business continuity impact analysis (BIA) inputs.
• Conduct internal control reviews, regulatory gap assessments, and readiness projects for certifications and supervisory audits.
• Partner with IT to implement control automation, compliance tooling, and evidence repositories.
• Monitor emerging laws, supervisory guidelines, and industry standards, and translate them into actionable roadmap items.
• Support BCP/DR governance and testing programs with measurable RTO/RPO targets.
• Coordinate major incidents reporting procedures and regulatory notifications.
• Own compliance dashboards, KPIs/KRIs dashboards, and audit-ready records.
• Drive employee awareness and compliance attestations.

What we need:

• Bachelor’s degree in Information Security, Risk Management, IT, or a related field.
• Professional certifications such as ISO 27001 Lead Implementer/Auditor, CRISC, CISA, CISSP, or equivalent are highly desirable.
• Proven experience 5+ years in Cybersecurity Governance, Risk & Compliance, information security, or operational resilience roles.
• Hands-on experience with regulatory frameworks including ISO 27001, SOC 2, PCI DSS, GDPR, and financial regulations such as DORA.
• Strong organizational skills with the ability to maintain compliance records and evidence in audit-ready condition.
• Strong understanding of risk management frameworks, operational resilience, and control assurance methodologies.
• Excellent analytical skills with attention to detail and accuracy in documenting controls, risks, and audit evidence.
• High integrity, accountability, and commitment to ethical standards.
• Ability to interpret regulatory guidance and translate it into actionable business policies and processes.
• Effective stakeholder management and communication skills, including the ability to present findings to senior management and regulatory bodies.
• Proficiency in GRC tools, compliance management systems, and Microsoft Office/Power BI for reporting purposes.
• Ability to manage multiple priorities, drive initiatives, and work independently as well as collaboratively across teams.
• Proactive and solution-oriented mindset with a continuous improvement approach.
• Experience coordinating audits, risk assessments, compliance reviews, and regulatory engagements.
• Demonstrated track record in implementing, monitoring, and reporting GRC programs across complex, multi-jurisdictional environments.

The perks of being a payabl.er:

• Future-Proof Your Finances: Once you’ve passed probation, we’ll kickstart your Provident Fund to secure your future.
• Grow with Us: Annual Learning Budget for professional development (after probation)—because your growth is our growth.
• Wolt Your Way Through Lunch: €150 monthly Wolt allowance to keep you fueled and happy.
• Drive in Style: After one year with us, you may be eligible for a company car—performance and availability permitting.
• Stay Active Your Way: Enjoy a SportsBenefits membership giving you access to a wide variety of gyms and sports facilities to support your active lifestyle.
• Park with Ease: Complimentary parking space just steps from the office, so your commute is as smooth as your workday.
• Max Out Your Downtime: 25 days of vacation + public holidays, plus an additional 10 sick days to rest when needed.
• Shop & Save: Exclusive local discount card + tickets for exciting events like Beonix, basketball games, and more.
• Speak Like a Local: Join free Greek language classes, twice a week, open to all team members.
• Celebrate Together: Twice a year, we bring colleagues from all offices together for unforgettable company celebrations.
• Global Collaboration & Events: Opportunities to participate in international company events and initiatives, connecting with colleagues from all regions and contributing to a truly global community

Hiring Process:

• First Interview: 30-minute introduction led by the Senior Talent Acquisition Partner.
• Second Interview: 1-hour deep-dive with the Hiring manager to explore your experience and skills.
• Final Interview: 30-minute session with the CTO, Hiring Manager and Senior Talent Acquisition Partner for final alignment.

Ready to Join Us?

Let's embark on a journey to redefine the landscape of payments together. We're not just offering a role; we're inviting you to be a part of something bigger. Join our team, and let's innovate, disrupt, and lead the future of payments. Together, we can make an impact that resonates. Welcome to the team!

If this role seems like a good match, please submit your resume all applications are treated with the strictest confidentiality. Please note that we may keep your CV for a period of one (1) year for future relevant job opportunities. For more information about how we process your data please see at https://payabl.com/privacy-policy