GRC Team Leader

Description

eToro is the trading and investing platform that empowers users to invest, share and learn. We were founded in 2007 with the vision of a world where everyone can trade and invest in a simple and transparent way. We have created an investment platform that is built around collaboration and investor education. On our platform, users can view other investors’ portfolios and statistics, and interact with them to exchange ideas, discuss strategies and benefit from shared knowledge. We have over 38 million registered users from 75 countries and our platform is available in 20 languages. We are a fast growing business with over 1,500 employees across 13 offices around the globe, strategically positioned to serve the needs of users. You can find out more about eToro here .

We are seeking an experienced Security Governance, Risk, and Compliance (GRC) Team Leader to drive our security and compliance programs while building and managing a high-performing team. This role combines strategic leadership with deep technical expertise in security frameworks and regulatory compliance within the fintech industry.

Key Responsibilities

Leadership & Team Management

• Build, mentor, and lead a team of GRC professionals, fostering a culture of excellence and continuous improvement
• Develop and implement strategic objectives for the GRC function, aligned with organizational goals
• Establish KPIs and metrics to measure team performance and program effectiveness
• Lead resource planning, budget management, and professional development initiatives for the team
  
  

• Direct the development and maintenance of the organization's security governance framework
• Oversee the enterprise-wide IT and cyber risk management program
• Lead the implementation and monitoring of security controls across the organization
• Drive security awareness and training programs across the company
  
  

• Lead regulatory compliance initiatives, ensuring adherence to relevant frameworks including ISO 27001, SOC, NYDFS, and NIST
• Oversee internal and external audit processes, managing relationships with auditors and regulators
• Direct the development and maintenance of policies, procedures, and controls
• Lead the response to audit findings and oversee remediation efforts
  
  

• Partner with executive leadership to align security initiatives with business objectives
• Lead vendor risk management program and third-party due diligence processes
• Build strong relationships with business unit leaders to ensure effective control implementation
• Present security and compliance metrics to senior management and board members
  
  

• 7+ years of experience in IT security, risk management, or compliance
• 3+ years of people management experience
• Deep knowledge of security frameworks and financial industry regulations
• Strong understanding of risk management principles and methodologies
• Excellent leadership, communication, and stakeholder management skills
  
  

• Master's degree in Information Security, Business Administration, or related field
• Relevant certifications (CISM, CISSP, CRISC, or similar)
• Experience in fintech or financial services industry
• Track record of building and scaling GRC programs
  
  

• Proven ability to build and lead high-performing teams
• Strong business acumen and ability to align security initiatives with business objectives
• Experience managing security programs in a fast-paced, regulated environment
• Excellence in stakeholder management and executive communication
• Forward-thinking approach to emerging security trends and regulatory changes