
Posted an hour ago
Senior Information Security Analyst (GRC)
Checkout.com
Requirements
5+ years GRC or IT audit experience, Deep knowledge of PCI DSS v4.0.1, ISO 27001, and SOC 2, Experience leading external audits and regulatory assessments, Ability to advise engineering and product teams on compliance, Experience mentoring junior analysts
Skills
PCI DSSISO 27001SOC 2GRCNIST CSF
About the role
Responsibilities
- Lead the strategic and technical execution of GRC programmes, including PCI DSS v4.0.1, ISO 27001, and SOC 2.
- Define and improve control evidence collection to move toward continuous audit readiness.
- Manage the risk register for assigned sub-areas, overseeing risk identification, assessment, and treatment.
- Serve as the primary point of contact for external auditors, QSAs, and regulatory assessors.
- Advise engineering and product teams on embedding compliance requirements into architecture and development workflows.
- Lead regulatory change management activities, monitoring evolving landscapes like DORA and the EU AI Act.
- Mentor and develop junior and mid-level GRC analysts to raise team capability.
Requirements
- 5+ years of experience in GRC, information security compliance, or IT audit, ideally within fintech or financial services.
- Deep working knowledge of PCI DSS v4.0.1, ISO 27001, and SOC 2.
- Proven track record of leading end-to-end external audits and regulatory assessments.
- Ability to translate complex regulatory obligations into practical, proportionate controls for technical teams.
- Strong experience in mentoring and developing less experienced colleagues.
- Exceptional communication skills with the ability to frame risk for both technical and executive audiences.
Preferred Qualifications
- Advanced certifications such as CISA, CISM, CISSP, PCIP, or ISO 27001 Lead Auditor.
- Familiarity with cloud environments (AWS, Azure, or GCP) at a control level.
- Experience with AI governance frameworks (e.g., ISO 42001 or NIST AI RMF).
- Experience implementing GRC tooling or compliance automation solutions.
- Background in Big Four advisory or a major payments scheme.
About the Company
Checkout.com is a global fintech leader enabling over 10 billion transactions yearly for more than one billion shoppers. We power the digital experiences of brands like eBay, Spotify, and Uber, providing the scalable payment technology that ambitious businesses need to grow. With 20 offices across six continents, we are shaping the future of global payments.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSenior Information Security Analyst (GRC)
Checkout.com · London
