At a Glance
- Tasks: Lead security governance activities and enhance our security framework.
- Company: Join Mangopay, a pioneer in multi-party payment solutions for fintechs.
- Benefits: Enjoy a diverse team culture, remote work options, and opportunities for growth.
- Why this job: Make an impact in fintech while driving security and compliance improvements.
- Qualifications: 5-7 years of experience with a Master's degree or equivalent in Security or Technology.
- Other info: Equal opportunity employer; all qualified applicants are encouraged to apply.
The predicted salary is between 48000 - 72000 £ per year.
Mangopay is a wallet-based payment infrastructure built specifically for organisations with complex, multi-party fund flows. A pioneer in multi-party payments.
Our solution optimises fund flows on behalf of the organisations we work with using wallets as programmable, composable building blocks.
Mangopay's regulated platform collects payments, secures transactions and holds funds, splits money between the various parties in the funds flow, and ultimately manages the payout to service providers, sellers, and consumers.
Platforms and fintechs using Mangopay regain control and transparency over multi-party payment flows, generate additional revenue, and improve operational efficiency. They can stay compliant while innovating and scaling.
Our team of 300+ people is spread across offices in Madrid, Paris, Warsaw, Berlin, Luxembourg and London. We're looking for talented individuals to join us in tackling the exciting challenges ahead.
At Mangopay, you'll be part of a supportive, diverse team committed to building scalable solutions and driving change in the fintech space!
Summary
As a senior GRC professional, you will take ownership of complex security governance activities, applying your deep understanding of information security, risk management, and regulatory compliance to support and enhance our organisation's security posture. You will lead efforts to maintain and mature our security framework, collaborate on designing effective processes and controls, and ensure alignment with internal policies and external regulatory expectations. Beyond execution, you will drive continuous improvement and act as a key point of contact for audits and risk assessments.
Responsibilities
- Maintain and enhance the organisation's security framework, including policies, guidelines, standards, and procedures.
- Design and support the implementation of security processes and controls aligned with internal frameworks and regulatory requirements.
- Conduct security assessments and vendor due diligence for third-party risk management.
- Act as lead contact for audits, ensuring effective preparation, documentation, and issue resolution.
- Perform risk assessments and ensure the security risk register is accurate, up-to-date, and actionable.
- Stay up to date with relevant regulations (e.g., DORA, EBA guidelines, UK/EU compliance requirements), and translate them into applicable controls and internal processes.
- Support the organisation's PCI-DSS certification efforts and maintain a strong understanding of its evolving requirements.
- Advise internal stakeholders on compliance best practices and security control design.
Qualifications
- 5-7 years of relevant experience.
- Master's degree or equivalent in Security, Technology; advanced certifications or master's degree preferred.
- Professional certifications preferred: CISA, ISO/IEC 27001 (Auditor or Implementer), AWS Security Speciality, or equivalent.
- In-depth knowledge of EU/UK regulatory environments, including DORA, EBA guidelines, and equivalent local implementations.
- Strong working knowledge of PCI-DSS, security audits, and compliance frameworks.
- Proficiency in English required; additional language(s) considered an asset.
- Significant expertise and track record of success in similar environments.
Additional information
Interview process:
- HR Call
- Interview with Head of Security
- Interview with Application Security Engineer
We care about equal employment opportunities, so all qualified applicants will receive equal consideration regardless of their race, colour, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.
Security Governance Engineer (GRC) employer: Mangopay
Contact Detail:
Mangopay Recruiting Team
StudySmarter Expert Advice
We think this is how you could land Security Governance Engineer (GRC)
Tip Number 1
Familiarise yourself with the specific regulations mentioned in the job description, such as DORA and EBA guidelines. Being able to discuss these in detail during your interview will show your commitment and understanding of the compliance landscape.
Tip Number 2
Network with professionals in the fintech and security governance sectors. Attend relevant webinars or local meetups to connect with others in the field, which can provide insights and potentially lead to referrals.
Tip Number 3
Prepare to discuss your experience with security frameworks and risk management processes. Be ready to share specific examples of how you've successfully implemented or improved security measures in previous roles.
Tip Number 4
Research Mangopay's current security practices and any recent news about their operations. This knowledge will help you tailor your responses and demonstrate your genuine interest in the company during the interview process.
Some tips for your application
Understand the Role: Before applying, make sure to thoroughly understand the responsibilities and qualifications required for the Security Governance Engineer position at Mangopay. Tailor your application to highlight relevant experience in security governance, risk management, and compliance.
Highlight Relevant Experience: In your CV and cover letter, emphasise your 5-7 years of relevant experience, particularly any roles that involved security frameworks, audits, or compliance with regulations like PCI-DSS and DORA. Use specific examples to demonstrate your expertise.
Showcase Certifications: If you hold any professional certifications such as CISA, ISO/IEC 27001, or AWS Security Speciality, be sure to mention these prominently in your application. They can set you apart from other candidates and show your commitment to the field.
Craft a Strong Cover Letter: Write a compelling cover letter that not only outlines your qualifications but also expresses your enthusiasm for working at Mangopay. Discuss how your skills align with their mission to enhance security in fintech and your desire to contribute to their team.
How to prepare for a job interview at Mangopay
Understand the Security Framework
Familiarise yourself with Mangopay's security framework and the specific policies, guidelines, and standards they follow. Be prepared to discuss how your experience aligns with their existing processes and how you can contribute to enhancing them.
Showcase Your Regulatory Knowledge
Demonstrate your understanding of relevant regulations such as DORA and EBA guidelines. Be ready to explain how you have previously implemented compliance measures and how you would approach translating these regulations into actionable controls at Mangopay.
Prepare for Technical Questions
Expect technical questions related to risk assessments, vendor due diligence, and PCI-DSS certification. Brush up on your knowledge of security audits and compliance frameworks, and be ready to provide examples from your past experiences.
Engage with the Interviewers
During the interviews, engage actively with the Head of Security and the Application Security Engineer. Ask insightful questions about their current challenges and express your enthusiasm for contributing to their team and the fintech space.