GRC Specialist

About the Role: GRC Specialist

As a GRC Specialist at FYUL, you will join the Assurance & Governance team, playing a crucial role in cybersecurity risk management, vendor oversight, compliance, and fostering security awareness across the organization.

Key Responsibilities:

• Vendor Management: Facilitate the comprehensive onboarding and annual review process for third-party vendors, including conducting thorough security assessments.
• Internal Documentation: Actively participate in the development, continuous maintenance, and timely update of information security policies and procedures.
• Risk Management: Conduct detailed risk assessments, meticulously track remediation plans, and ensure the prompt closure of all identified risks.
• Compliance Management: Leverage your expertise to ensure strict adherence to relevant industry standards and regulations, such as ISO 27001, SOC 2, NIST, and PCI-DSS. You will also be involved in internal and external audits, responsible for gathering evidence and managing findings.
• Security Awareness: Develop and deliver engaging awareness programs and training sessions on critical cybersecurity, governance, risk, and compliance topics to a diverse audience.

Your Qualifications:

• Experience: Possess 3+ years of hands-on experience in vendor management, risk management, IT audit, and compliance. Practical experience in implementing standards like ISO/IEC 27001, SOC2, or PCI-DSS is essential.
• Expertise: Proven ability to develop and implement internal security policies and procedures, with a knack for delivering clear and efficient guidelines.
• Problem-solving mindset: Demonstrate an excellent ability to dissect complex challenges, propose innovative solutions, and drive initiatives to successful completion.
• Communication & Proactivity: Exhibit outstanding communication skills, capable of clearly conveying intricate ideas and engaging effectively with both non-technical and technical stakeholders at all organizational levels.
• Good command of English: Essential for thriving in our global and multinational environment.

Certifications such as CISSP, CISM, CISA, PECB ISO27001 Lead Implementer/Lead Auditor, and CompTIA Security+ are highly valued additions to your profile.

What FYUL Offers:

• A global, inclusive, and highly supportive team culture.
• Opportunity to work remotely.
• Flexible working hours, with the option to start your day as late as 10 AM.
• Private health insurance.
• 2 extra paid days off for mental or physical well-being.
• 1 additional paid day off to celebrate a Birthday or other personal celebration.
• Extensive internal and external learning opportunities.
• Access to mentorship programs, internal meetups, and hackathons (both on-site and online).
• Employee discount for designing and ordering your own merchandise.
• Exciting team-building events and unforgettable parties.

About FYUL:

FYUL is the powerhouse driving on-demand commerce globally. Formed in 2024 through the merger of Printful, Printify, and Snow Commerce, we integrate technology, talent, and infrastructure to empower individuals and brands to transform ideas into exceptional products. From solo creators to major entertainment entities, FYUL fuels merchandise that captivates millions, supported by cutting-edge technology, premium production, and an expansive global reach. We are a rapidly expanding global company dedicated to empowering great brands, delivering great experiences, and fostering great people. We are an equal-opportunity workplace committed to diversity and inclusion, making hiring decisions based on qualifications, merit, and work experience.

Key skills/competency:

• Cybersecurity Risk Management
• Vendor Management
• Information Security Policies
• Compliance Management
• ISO 27001
• SOC 2
• NIST Frameworks
• PCI-DSS
• IT Audit
• Security Awareness Training