Governance, Risk & Compliance Specialist

Governance, Risk & Compliance Specialist

Join to apply for the Governance, Risk & Compliance Specialist role at Teya

We’re a payment and software service provider headquartered in London serving small local businesses across Europe. Founded in 2019, we build easy‑to‑use integrated tools that enable our members to accept payments and boost business performance.

At Teya we believe small, local businesses are the lifeblood of our communities. We’re here because we don’t believe there’s a level playing field that gives small businesses a fighting chance against the giants of the high street. We’re here to fight for a future where small, local businesses can thrive, and to commit the same dedication they offer all of us.

We’re looking for exceptional talent to join our mission. We offer a chance to create impact in a high‑energy and connected culture, while benefiting from continuous learning opportunities, a supportive community that is proud to serve our mission, and comprehensive benefits.

Your Mission

We’re seeking an experienced Security GRC Specialist to drive our transformation into banking and credit services. This role blends security, risk, and compliance—translating complex regulations into practical programs that enable business growth. Reporting to senior security leadership, you’ll collaborate with teams across Europe (IT, Legal, Product, HR, etc.) to implement a scalable governance framework and influence Teya’s overall security strategy.

Your Role Will Include

Governance & Policy

• Develop, maintain, and update security policies, standards, and frameworks aligned with business and regulatory needs.
• Evolve the ISMS to support banking services and European expansion.
• Create clear, actionable documentation for security controls.

Risk Management

• Conduct enterprise‑wide and third‑party security risk assessments.
• Maintain risk registers, treatment plans, and executive reports.
• Balance security needs with business enablement.

Compliance & Regulatory

• Ensure compliance with ISO 27001, PCI‑DSS/PIN/MPOC, DORA, NIST, SWIFT CSP, GDPR, FCA, and other financial regulations.
• Manage compliance tracking, reporting, and regulatory roadmaps.
• Act as the liaison with auditors and regulators.

Audit & Assessment

• Lead internal/external audits and certification processes.
• Manage evidence collection, remediation, and reporting.
• Maintain audit readiness and control assessment programs.

Third‑Party Risk

• Oversee the TPRM program, vendor assessments, and due diligence.
• Monitor ongoing vendor compliance and manage related incidents.

Your Story

Must Have

• 5+ years’ experience in security governance, risk, and compliance within financial services, fintech, or banking.
• Proven expertise across key frameworks: ISO 27001, PCI‑DSS/PIN/MPOC, DORA, NIST CSF, GDPR, SWIFT CSP, and FCA regulations.
• Strong understanding of risk management methodologies (ISO 31000, FAIR, NIST RMF) and third‑party risk programs.
• Experience managing regulatory audits, assessments, and interactions with auditors and regulators.
• Knowledge of banking and credit risk frameworks and EU/UK compliance requirements.

Nice to Have

• Solid grasp of information security principles (cryptography, IAM, network security, secure SDLC).
• Familiar with tools such as SIEM, DLP, encryption, vulnerability management, and GRC platforms (OneTrust, ServiceNow GRC, Jira, Confluence).
• Experience with audit evidence management and cloud security (AWS, Azure, GCP).

The Perks

• Flexible working hours.
• GymPass giving free access to over 1,500 gyms in the UK, 1‑1 therapy, meditation sessions, digital fitness and nutrition apps.
• Extended and improved maternity and paternity leave choices.
• Cycle‑to‑Work scheme.
• Health and life insurance.
• Pension scheme.
• 25 days of annual leave (+ bank holidays).
• Office snacks every day.
• Friendly, comfortable and informal office environment in Central London.

Teya is proud to be an equal‑opportunity employer.

We are committed to creating an inclusive environment where everyone regardless of race, ethnicity, gender identity or expression, sexual orientation, age, disability, religion, or background can thrive and do their best work. We believe that a diverse team leads to better ideas, stronger outcomes, and a more supportive workplace for all.

If you require any reasonable adjustments at any stage of the recruitment process whether for interviews, assessments, or other parts of the application—we encourage you to let us know. We are committed to ensuring that every candidate has a fair and accessible experience with us.