Job Overview
At Sahl, we build products people rely on daily for essential financial tasks. Our foundation is trust, and that trust depends on strong, well-designed governance. We're looking for a GRC Specialist/Manager who can build practical frameworks, streamline compliance, and empower teams to move faster with confidence. This role is all about enabling the business, not slowing it down.
Responsibilities
- Develop, update, and maintain internal policies, security standards, and governance frameworks, ensuring they are practical, lightweight, and aligned with engineering, product, and operational workflows.
- Own and manage the compliance roadmap (ISO 27001, PCI DSS, GDPR, and local regulations) and coordinate with cross-functional teams to prepare for and run internal and external audits smoothly.
- Conduct end-to-end risk assessments across technology, product, business operations, and vendor relationships, assigning clear risk owners, defining mitigation strategies, and tracking progress.
- Oversee incident response processes and ensure proper governance around security events, supporting teams in improving process maturity without adding unnecessary operational friction.
- Drive security and compliance awareness across the company, transforming requirements into intuitive practices and adoptable habits rather than rigid checklists.
Qualifications
- Experience in GRC, preferably within fintech, financial services, or other highly regulated industries.
- Strong understanding of security frameworks, compliance standards, and risk management methodologies.
- Ability to translate complex compliance requirements into simple, actionable guidance.
- Excellent communication and stakeholder-management skills across technical and non-technical teams.
- A calm, structured approach when navigating ambiguity, pressure, or urgent issues.
- An enablement-first mindset focused on helping teams move faster with predictable controls.