GRC Specialist

Pakistan·Kharianmid

OtherIt Specialist

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

About Us:ACE Money Transfer is a UK-based multinational company headquartered in Manchester, United Kingdom.

Technical Tools

OtherIt Specialist

About Us:

ACE Money Transfer is a UK-based multinational company headquartered in Manchester, United Kingdom. ACE Money Transfer provides online remittance services to individuals in 29 countries across the UK, Europe, Canada, and Australia, enabling them to send money across borders in over 100 countries.

About the Role

We are seeking a Mid-level GRC Specialist to join our Risk & Compliance function within a dynamic financial services environment. In this role, you will be responsible for designing, implementing, and maintaining a robust governance, risk, and compliance framework that spans regulatory adherence, cybersecurity controls, internal audit, and enterprise risk management. You will serve as a subject matter expert across GRC disciplines, working closely with senior leadership, business units, and external regulators.

Key Responsibilities

Governance & Policy

Develop, maintain, and enforce enterprise-wide governance frameworks, policies, and procedures in alignment with regulatory requirements and industry best practices.
Manage the policy lifecycle, including drafting, review cycles, approvals, and communication across the organization.
Support board-level governance reporting, including preparation of risk committee materials and management information.

Risk Management

Lead enterprise risk assessments and maintain a dynamic risk register covering cyber, credit, operational, market, and reputational risk categories.
Design and monitor Key Risk Indicators (KRIs) and escalate material risks to senior management in a timely manner.
Facilitate risk workshops with business owners and provide expert guidance on risk mitigation strategies and treatment plans.

Compliance & Regulatory

Monitor applicable regulatory developments (e.g., DORA, GDPR, CBI equivalents) and assess impact on business operations.
Manage regulatory submissions, compliance attestations, and correspondence with regulatory bodies.
Conduct compliance gap analyses and drive remediation efforts to closure.

Cybersecurity / IT GRC

Maintain the IT risk and control framework aligned with standards such as ISO 27001, NIST CSF, or PCI-DSS.
Collaborate with IT and Information Security teams on third-party risk assessments, vendor due diligence, and data privacy controls.
Support cybersecurity incident response from a compliance and governance perspective.
Ensure technology-related risks are appropriately captured in the enterprise risk register.

Audit

Act as the primary liaison for internal and external audits, coordinating information requests and management responses.
Track audit findings and ensure timely, effective remediation by responsible business owners.
Support the development of the internal audit plan based on risk-based prioritization.
Conduct self-assessment exercises (CSA/RCSA) and facilitate control testing across business units.

Qualifications & Experience

Essential

2-3 years of GRC experience within banking, insurance, asset management, or financial technology.
Demonstrated experience managing risk registers, control frameworks, and compliance monitoring programmes.
Hands-on experience with IT/cyber risk and familiarity with ISO 27001, NIST, or equivalent frameworks.
Proven ability to prepare executive-level reporting and present findings to senior management and board committees.
Professional certification(s): CISA, CISM, or ISO 27001 Lead Auditor (LA) - any one or more is a strong plus.

Preferred

Master's degree in Information Security, Cybersecurity, Computer Science, or a related discipline.
Experience with GRC platforms (e.g., Sprinto, ServiceNow GRC, Vanta or similar).
Additional certifications such as CRISC, CGEIT, or CFE are an advantage.

ACE Money Transfer Profile: https://acemoneytransfer.com/company-profile