💼 About This Role

You'll drive key parts of Bitpanda's governance, risk, and compliance program in a regulated fintech environment. You'll own recurring GRC processes end-to-end and partner with control owners across the business. This role offers a hands-on opportunity to help keep the company continuously audit-ready while growing your skills.

🎯 What You'll Do

• Own and maintain parts of the ISMS and ensure policy implementation.
• Plan and run audit readiness activities for ISO 27001/SOC 2.
• Facilitate risk assessments for systems, projects, and vendors.
• Lead third-party risk management due diligence and remediation tracking.
• Execute control testing and produce GRC reporting for leadership.

📋 Requirements

• 1-2 years in information security or GRC roles.
• Experience with ISO 27001 or SOC 2 audit processes.
• Knowledge of risk assessment methodologies.
• Familiarity with regulatory compliance in fintech or financial services.

✨ Nice to Have

• Experience with automated GRC tools (e.g., OneTrust, ServiceNow).
• Certifications like CISA, CISM, or CISSP.
• Knowledge of cloud security frameworks (CIS, NIST).

🎁 Benefits & Perks

• 🏖️ Hybrid working model with 25 remote days per year.
• 📈 Stock option plan participation.
• 🧠 OpenUP mental health support.
• 📚 Udemy unlimited learning access.
• 🍱 Free onsite dining in Vienna office.

📨 Hiring Process

Estimated timeline: 2-4 weeks · AI estimate

1. 1Recruiter screen· 30 min
2. 2Hiring manager interview· 60 min
3. 3Technical/behavioral interview· 60 min