GRC Analyst

Primer Technologies, Inc.

Job Overview

Location

Poland

Job Type

Full-time

Full Job Description

📋 Description

• As a GRC Analyst at Primer Technologies, you will play a critical role in safeguarding the company’s regulatory standing and customer trust by owning the end-to-end execution of its Governance, Risk & Compliance program. This mid-level individual contributor position is essential to maintaining continuous compliance amid expanding regulatory obligations across PCI DSS, DORA, NIS2, and the EU AI Act, directly supporting Primer’s mission to rebuild payments infrastructure with integrity and transparency.
• You will maintain a year-round evidence calendar and run continuous control monitoring to ensure audit readiness, coordinating closely with external auditors for SOC 2, PCI DSS, ISO 27001, and similar assessments. This includes preparing documentation, tracking remediation, and ensuring controls operate effectively—not just during audit season but throughout the year.
• You will own all external trust requests, including security questionnaires, vendor assessments, and RFP responses, managing a centralized response library to enable fast, accurate, and consistent replies that keep sales and procurement cycles moving without delay.
• You will coordinate risk assessments, support security awareness and training initiatives, and govern vulnerability management processes, working with engineering and security teams to align technical controls with compliance requirements across multiple frameworks.
• You will manage the full lifecycle of internal policies—drafting, updating, exception handling, violation monitoring, and remediation tracking—serving as the single point of accountability to ensure policies remain current, enforceable, and aligned with business and regulatory needs.
• You will drive future certification efforts, such as ISO 27001, and support the operationalisation of new regulatory frameworks as they emerge, helping Primer scale its compliance posture proactively rather than reactively.
• You will partner closely with engineers, legal, and leadership teams as a trusted subject-matter expert, translating technical controls into compliance evidence and advising on risk implications of product and infrastructure changes.
• You will contribute to a culture of proactive risk management by identifying gaps, recommending improvements, and fostering cross-functional collaboration that balances innovation with responsibility.
• You will develop deep expertise in global financial regulations and emerging tech compliance landscapes, positioning yourself as a strategic advisor in a fast-growing fintech leader backed by top-tier investors like Accel, Balderton, Iconiq, and Tencent.

🎯 Requirements

• 3–5 years of experience in a GRC, compliance, or information security governance role
• Hands-on experience coordinating external audits (SOC 2, PCI DSS, ISO 27001, or similar)
• Familiarity with EU regulatory frameworks including GDPR, DORA, NIS2, and the EU AI Act
• Experience managing vendor risk assessments and third-party due diligence
• Proven ability to maintain evidence and controls on a continuous, year-round basis
• Strong organisational skills and detail-oriented mindset with a bias for proactive, systematic work
• Clear, concise communication style enabling effective collaboration across engineering, legal, and leadership teams
• Comfort working with compliance tooling and GRC platforms such as Vanta, Drata, OneTrust, or similar

🏖️ Benefits

• Fully remote and globally distributed work model since day one, with flexibility to work from anywhere
• Competitive share options to align employee success with company growth
• Uncapped holiday policy with a minimum of 25 days encouraged to be taken annually
• Annual company retreat and workations, plus access to co-working spaces worldwide for in-person connection
• £500 home office setup stipend and provision of best-in-class equipment for your role
• Private Medical Insurance and a generous learning budget to support professional development
• Additional location-dependent perks and benefits as part of a broad, inclusive benefits package

Skills & Technologies

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Primer Technologies, Inc.

Visit Website

About Primer Technologies, Inc.

Primer Technologies is a San Francisco–based fintech infrastructure firm that provides a unified payments platform for online merchants. It offers low-code integrations with global processors, fraud tools, analytics, and checkout orchestration through a single API. The company helps e-commerce businesses add, optimize, and route payments across providers without custom backend work, improving authorization rates and reducing development time. Founded in 2020, Primer serves mid-market to enterprise retailers across Europe, North America, and Asia.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.