Copy of Governance, Risk & Compliance Specialist Porto

Hello! We're Teya.

Teya is a payment and software service provider, headquartered in London serving small, local businesses across Europe. Founded in 2019, we build easy to use, integrated tools that enable our members to accept payments and boost business performance.

At Teya we believe small, local businesses are the lifeblood of our communities.

We’re here because we don’t believe there’s a level playing field that gives small businesses with a fighting chance against the giants of the high street.

We’re here because we see banks and legacy service providers making things harder for them. We don’t think the best technology or the best service should be reserved for those with the biggest headquarters.

We’re here to fight for a future where small, local businesses can thrive, and to commit the same dedication they offer all of us.

Become a part of our story.

We’re looking for exceptional talent to join our mission. We offer a chance to create impact in a
- energy and connected culture, while benefiting from continuous learning opportunities, a supportive community which is proud to serve our mission, and comprehensive benefits.

Your Mission

We’re seeking an experienced Security GRC Specialist to drive our transformation into banking and credit services. This role blends security, risk, and compliance—translating complex regulations into practical programs that enable business growth. Reporting to senior security leadership, you’ll collaborate with teams across Europe (IT, Legal, Product, HR, etc. ) to implement a scalable governance framework and influence Teya’s overall security strategy.

Your role will include:

Governance & Policy

• Develop, maintain, and update security policies, standards, and frameworks aligned with business and regulatory needs.
• Evolve the ISMS to support banking services and European expansion.
• Create clear, actionable documentation for security controls.

Risk Management

• Conduct
  - wide and
  - party security risk assessments.
• Maintain risk registers, treatment plans, and executive reports.
• Balance security needs with business enablement.

Compliance & Regulatory

• Ensure compliance with ISO 27001, PCI-DSS/PIN/MPOC, DORA, NIST, SWIFT CSP, GDPR, FCA, and other financial regulations.
• Manage compliance tracking, reporting, and regulatory roadmaps.
• Act as the liaison with auditors and regulators.

Audit & Assessment

• Lead internal/external audits and certification processes.
• Manage evidence collection, remediation, and reporting.
• Maintain audit readiness and control assessment programs.

Third-Party Risk

• Oversee the TPRM program, vendor assessments, and due diligence.
• Monitor ongoing vendor compliance and manage related incidents.

Your Story

Must Have's

• 5+ years’ experience in security governance, risk, and compliance within financial services, fintech, or banking.
• Proven expertise across key frameworks: ISO 27001, PCI-DSS/PIN/MPOC, DORA, NIST CSF, GDPR, SWIFT CSP, and FCA regulations.
• Strong understanding of risk management methodologies (ISO 31000, FAIR, NIST RMF) and third-party risk programs.
• Experience managing regulatory audits, assessments, and interactions with auditors and regulators.
• Knowledge of banking and credit risk frameworks and EU/UK compliance requirements.

Nice to Have's

• Solid grasp of information security principles (cryptography, IAM, network security, secure SDLC).
• Familiar with tools such as SIEM, DLP, encryption, vulnerability management, and GRC platforms (One
  Trust, Service
  Now GRC, Jira, Confluence).
• Experience with audit evidence management and cloud security (AWS, Azure, GCP).

The Perks

• We trust you, so we offer flexible working hours, as long it suits both you and your team;
• Health Insurance;
• Meal Allowance;
• 25 days of Annual leave (+ Bank holidays);
• Public Transportation Card;
• Frequent team events & activities in the office and outside;
• Office snacks every day;
• Friendly, comfortable and informal office environment.

Teya is proud to be an equal opportunity employer.

We are committed to creating an inclusive environment where everyone regardless of race, ethnicity, gender identity or expression, sexual orientation, age, disability, religion, or background can thrive and do their best work. We believe that a diverse team leads to better ideas, stronger outcomes, and a more supportive workplace for all.

If you require any reasonable adjustments at any stage of the recruitment process whether for interviews, assessments, or other parts of the application—we encourage you to let us know. We are committed to ensuring that every candidate has a fair and accessible experience with us.