GRC Specialist
Unit
Location: New York Office
Employment Type: Full time
Department: Security
Compensation: $100K – $120K • Offers Equity
ABOUT UNIT
Unit is a market leader in embedded finance. We offer ready-to-launch financial services - like banking and capital - and serve millions of end-users across ~100 customers, including Wix, Bill.com, Honeybook, Relay, and more.
We’re repeat founders with technical backgrounds, working hard to build a successful company that we’re proud to work at. Our product moves $40b+ annually and processes 12m+ API calls daily. We’ve raised $160m+ from top investors including Insight, Accel, and 60+ angels.
THE ROLE
We are hiring a Senior Technical GRC Specialist to join our growing team. Reporting to the Information Security Manager, the Senior Technical GRC Specialist is primarily responsible for supporting the company’s security program and compliance initiatives. The GRC Specialist will help ensure that we meet the requirements of various security frameworks and regulations while overseeing processes related to security governance, risk management, and compliance.
KEY RESPONSIBILITIES
Manage external security audits (e.g., PCI-DSS, SOC 2, SOC 1), including evidence collection, operation of GRC tools, collaboration with stakeholders, and reporting to auditors.
Review and update security policies and procedures, and implement corrective actions based on audit findings and management feedback.
Lead ongoing security and compliance tasks, such as user access review cycles and audit-related compliance initiatives across the organization.
Drive security awareness and training activities, including phishing simulations, publishing security-related content, and leading company-wide Security & Privacy sessions.
Collect and review security documentation (e.g., policies, penetration tests) from clients and conduct vendor assessments for various risk levels, including software, service providers, and external workforce.
Client-facing security work: answer security questionnaires, review legal contracts from a security perspective, maintain our internal security knowledge base, and take part in security-related calls with clients and partners.
Operate and utilize GRC tools.
Serve as a go-to person for employees on security and compliance matters and perform other team-related duties as needed.
WHAT WE’RE LOOKING FOR
5+ years of experience in GRC, information security, compliance, or related roles (preferably in fintech or banking)
Strong knowledge of security and privacy frameworks such as SOC 2, PCI DSS, GLBA, and CCPA
Familiarity with AWS security best practices is a must
Hands-on experience with compliance automation tools (e.g., Anecdotes)
Hands-on experience with vendor risk assessments and tools like Panorays
Experience creating compliance reports using CNAPP tools (e.g., Wiz, Orca, Prisma Cloud)
Familiarity with Kubernetes concepts and architecture
Detail-oriented, proactive, and self-motivated
Excellent written and verbal communication skills in English
Relevant certifications (CISM, CISSP, CISO, CIPM) are an advantage
A technical background in cloud environments is an advantage
LIFE AT UNIT
Working at Unit means joining a global team on a mission to create a more equitable financial ecosystem. We’re a fast-growing team of individuals who are passionate about their work, see the big picture and always seek to empower our clients and their end-customers.
Compensation Range: $100K - $120K