GRC Manager - Fintech
Description
A client of byteSpark.ai based in Dubai is seeking a seasoned and strategic GRC Manager to spearhead its risk management function. In this pivotal role, the selected candidate will leverage 12+ years of hands-on experience and an engineering background to build and mature a robust, risk-centric GRC program. The role requires designing, implementing, and continuously improving a comprehensive risk management framework tailored to the technological and operational realities of the FinTech landscape. This leadership position demands close collaboration with engineering and product teams to embed security-by-design principles throughout the development lifecycle. The GRC Manager will define the enterprise risk appetite, develop and monitor key risk indicators, and deliver clear, actionable insights to executive leadership and the Board. The successful candidate will also lead quantitative risk analysis and oversee responses to significant incidents, ensuring the resilience and integrity of the platform. This opportunity is ideal for a technical leader passionate about establishing a proactive, data-driven risk culture.
Requirements
1. Bachelor's degree or higher in Engineering, Computer Science, or a related technical field.
2. A minimum of 12 years of progressive, hands-on experience in technology risk management, cybersecurity, or GRC.
3. Demonstrated experience in designing, implementing, and managing risk management frameworks (e.g., COSO, ISO 31000, NIST RMF).
4. Proven experience within the Fintech, banking, or financial services industry, with a deep understanding of its specific risk profile.
5. Strong background in collaborating with engineering and product teams to integrate risk controls into the SDLC (Software Development Lifecycle).
6. Expertise in quantitative risk analysis methodologies and modeling (e.g., FAIR, Monte Carlo simulations).
7. Experience leading incident response and crisis management for significant technology or security events.
8. Proven ability to define risk appetite and present complex risk topics to executive leadership and board-level stakeholders.
Desirable
1. Professional certifications such as CRISC, CISM, CISSP, or CGEIT.
2. Experience with GRC automation platforms (e.g., ServiceNow GRC, Archer, LogicGate).
3. In-depth knowledge of cloud security principles and risk management for IaaS/PaaS/SaaS environments (AWS, Azure, GCP).
4. Familiarity with key regulations and standards impacting Fintech, such as PCI-DSS, GDPR, and SOX.
5. Hands-on experience with security architecture and secure coding practices.
Role Highlights
💰 Compensation
$10,500 per month to $17,000 per month
📍 Location
Dubai
💼 Work Location Type
Onsite
📈 Job Level
Senior
⌛ Experience
12+ Years
🏢 Department
Banking
Getting Started
A few quick details so we know how to reach you
How did you hear about us? *
Which country's passport do you hold? *
Email * (Please ensure the email matches the one mentioned in your CV or resume)
LinkedIn Profile URL *
Please provide your current and expected salary in the box below (with currency): *
Please mention your notice period *
Let’s Get to Know You Better
A few short questions to understand your experience and what you enjoy doing
1. Do you possess a Bachelor's degree or higher in an engineering discipline? *
2. Do you have more than 12 years of hands-on experience focused on technology risk management? *
3. Have you personally led the design and implementation of an enterprise-wide risk management framework like COSO or NIST RMF? *
4. Does your professional experience include working directly for a Fintech or financial services company? *
5. Have you been responsible for presenting risk posture reports directly to C-level executives or a Board of Directors? *
6. Have you served as the lead commander or manager during the response to a major security breach or operational failure? *
Final Steps
A few more bits of info
1. Current Employment Status*
2. Current Salary*
per month in AED
3. Expected Salary*
per month in AED
4. Risk & Governance Mastery Matrix*
Tell us how deep your experience goes across core governance and enterprise risk disciplines.
Question | Aware | Working Knowledge | Hands-On Ownership | Led Organization-Wide
Enterprise Risk Assessment
Internal Controls Design
Policy Framework Governance
Audit & Assurance Readiness
5. FinTech Regulatory Readiness Grid*
Select the level that best represents your hands-on exposure to regulatory expectations in FinTech.
Question | No Exposure | Basic Understanding | Applied Experience | Expert / Lead Representative
Central Bank Compliance (CBUAE / SAMA / CBB)
AML / CFT Program Oversight
Licensing & Regulatory Reporting
Data Privacy & Cross-Border Controls
6. Technology, Security & Resilience Capability Map*
Help us understand how you operate across technology-aligned GRC domains that enable secure FinTech operations.
Question | Learning | Contributor | Practitioner | Strategic Leader
Information Security Governance
Cloud & Third-Party Compliance
Incident Management & Response
Business Continuity & DR Planning
7. Where are you currently located*
e.g. Dubai, UAE or Riyadh, KSA or London, UK (be specific)
Upload Resume
Help us get to know you better by sharing your most recent resume
Frequently Asked Questions (FAQs)
Have a question? Check here for quick answers
byteSpark.ai is a recruitment services agency and this role is with a client of byteSpark.ai in the banking/financial services industry.
Yes, you can. If your CV matches the role, we will call you for a chat and share the details before we submit your profile to our client.