Job Overview
At Sahl, we build products people rely on daily for essential financial tasks. Our foundation is trust, and that trust depends on strong, well-designed governance. We’re looking for a GRC Specialist/Manager who can build practical frameworks, streamline compliance, and empower teams to move faster with confidence. This role is all about enabling the business, not slowing it down.
Responsibilities
- Develop, update, and maintain internal policies, security standards, and governance frameworks, ensuring they are practical, lightweight, and aligned with engineering, product, and operational workflows.
- Own and manage the compliance roadmap (ISO 27001, PCI-DSS, GDPR, and local regulations) and coordinate with cross-functional teams to prepare for internal and external audits, ensuring smooth execution.
- Conduct end-to-end risk assessments across technology, product, business operations, and vendor relationships, assigning clear risk owners, defining mitigation strategies, and tracking progress.
- Oversee incident response processes and ensure proper governance around security events, supporting teams in improving process maturity without adding unnecessary operational friction.
- Drive security and compliance awareness across the company, transforming requirements into intuitive practices and adoptable habits rather than rigid checklists.
Qualifications
- Experience in GRC, preferably within fintech, financial services, or other highly regulated industries.
- Strong understanding of security frameworks, compliance standards, and risk management methodologies.
- Ability to translate complex compliance requirements into simple, actionable guidance.
- Excellent communication and stakeholder-management skills across technical and non-technical teams.
- A calm, structured approach when navigating ambiguity, pressure, or urgent issues.
- An enablement-first mindset focused on helping teams move faster with predictable controls.