Information Security Analyst (GRC & Regulatory Readiness)

3000 euro gross

About the Company

Paybis is an international FinTech company operating in the crypto and payments space. We build secure, compliant, and user-friendly products for individual and corporate clients worldwide.

As part of strengthening our security and compliance foundations, we are expanding our Security function and looking for an Information Security Analyst to support and gradually take ownership of operational security governance, risk management, and regulatory readiness in a regulated environment.

This role is ideal for a strong mid-level professional who already has hands-on GRC experience in regulated environments and wants to grow into a more autonomous GRC ownership role over time.

Responsibilities

Role Purpose

The Information Security Analyst supports and operates core information security governance, risk, and compliance (GRC) activities across the organization.

Immediate Focus (First 3–6 Months)

  • Update and maintain a centralized information security risk register with ownership and remediation tracking.
  • Inventory, normalize, and maintain existing security policies, procedures, and documentation.
  • Take full ownership of vendor and partner security assessments and due diligence processes.
  • Support ongoing audits, regulatory inquiries, and partner security reviews.
  • Document current incident response, escalation, and post-incident reporting processes.
  • Close gaps between implemented security controls and formal, audit-ready documentation.

Security Governance, Risk & Compliance (Ongoing)

  • Operate and continuously improve security governance processes across teams.
  • Support MiCA and DORA evolution:

    • control mapping,
    • evidence preparation,
    • gap tracking and remediation follow-up.
  • Prepare and maintain audit-ready evidence packages.
  • Coordinate between Engineering, Legal, Compliance, Product, and Security stakeholders.
  • Act as the central point of coordination for operational security governance.
  • Ensure security documentation is current, version-controlled, and consistently applied.

Requirements

  • 3–5 years of experience in Governance, Risk and Compliance.
  • Proven experience working in regulated environments (fintech, financial services, crypto, or similar).
  • Strong understanding of:

    • risk management lifecycle,
    • third-party / vendor risk management,
    • regulatory compliance activities.
  • ISO 27001 implementation or maintenance experience.
  • Experience preparing documentation and evidence for audits or regulatory reviews.

Nice-to-Have Experience

  • Fintech or crypto industry background.
  • Experience supporting external auditors or regulators.
  • Awareness of MiCA and DORA.
  • Experience working closely with or reporting to a CISO.

Soft Skills

  • Strong ownership mindset and ability to operate independently.
  • Ability to structure ambiguity and turn ad-hoc practices into repeatable processes.
  • Excellent documentation discipline and attention to detail.
  • Clear, confident communication with non-technical stakeholders.
  • Pragmatic, solution-oriented approach (not bureaucratic).
  • Ability to influence across teams without direct authority.

Soft Skills

  • Strong sense of ownership and responsibility.
  • Ability to work independently while seeking guidance when needed.
  • Structured and detail-oriented approach to documentation.
  • Clear communication with non-technical stakeholders.
  • Pragmatic, solution-oriented mindset (not overly bureaucratic).

Conditions

Why Join Paybis

  • Impact: This is a foundational role shaping the company's security operations.
  • Autonomy: Full ownership of one of the company’s most critical products.
  • Growth: Direct collaboration with CTO, CIO, and incoming CISO.
  • Culture: Fast-moving fintech environment with high trust and responsibility.
  • Flexibility: Remote-first setup aligned with EU time zones.
  • Medical Insurance.
  • Corporate English classes.
  • Education Budget for professional development.