About Verto

At Verto, we're on a mission to democratise global finance and empower businesses in Emerging Markets to reach the world. Founded by British-Nigerian entrepreneurs Ola Oyetayo and Anthony Oduu, our roots in Africa provided a firsthand understanding of the significant challenges businesses face with cross-border payments, from illiquid currencies and high fees to slow transactions. This deep-rooted insight is why Africa remains a core focus, as we're committed to bridging the gap between emerging and developed markets and fostering global economic growth.

What started as an FX solution for the Nigerian Naira has evolved into a market-leading platform, enabling thousands of businesses to seamlessly transfer billions of dollars annually. We believe that where you do business shouldn’t determine your success or ability to scale. We're creating equal access to the easy payment and liquidity solutions that are already a given in developed markets.

We're not alone in realising this crucial need; we're backed by world-class investors including Y-Combinator, Quona, and MEVP. Our impact has been recognised with accolades such as 'Fintech Start-Up of the Year' and the Milken-Motsepe Prize, a testament to our role in powering payments for some of the world's most disruptive startups. Join us as we continue to grow and transform global finance.

Role Overview

This role is pivotal to strengthening our global security posture by driving our Governance, Risk, and Compliance (GRC) initiatives. The work directly protects the company's data, reputation, and business operations by ensuring adherence to critical European regulatory standards like DORA and GDPR.

About the Role

We are seeking a results-driven and proactive Information Security and GRC Analyst to be a central part of our global security function.

What You’ll Be Doing:

• Developing and managing our global Information Security Management System (ISMS) and GRC frameworks.

• Actively participating in and driving end-to-end compliance and audit activities for certifications such as DORA, ISO 2700, PCI DSS, and SOC 2.

• Conducting comprehensive security and data privacy risk assessments across the organization.

• Managing the third-party and vendor security risk lifecycle.

• Partnering with IT, engineering, and operations teams to embed security practices into business processes.

• Developing and delivering security awareness training to foster a security-conscious culture.

• Creating and presenting clear governance and risk reports for leadership.

• Supporting incident management and response activities to drive continuous improvement.

What You Need:

• 4 years+ of work experience in the relevant field of infosec or cybersecurity

• Proven experience in information security compliance, governance, or ICT risk management.

• In-depth, practical knowledge of managing compliance programs against DORA, ISO 27001, PCI DSS, and GDPR.

• Demonstrable experience conducting risk assessments, managing third-party security, and leading audit preparations.

• A strong understanding of global IT operations, including infrastructure, cloud services, and system security.

• Proven ability to develop clear and effective GRC documentation, including policies and standards.

• Exceptional communication skills for engaging with technical teams, business stakeholders, and senior management.

Note: We will not be able to progress your application without all the above skills/qualifications

Best If You Have:

• Professional certifications such as ISO 27001 Lead Implementer/Auditor, CISM, or CISA.

• Familiarity with DORA & additional frameworks like NIS2 or SOC2.

• Direct experience in the fintech or financial services industry.

• Proven ability to thrive in a fast-paced, growth-stage startup environment.

About our Culture

We’re building more than just a team, we’re building a community of people who care deeply about their craft, collaborate with purpose, and enjoy the journey together.

Perks

• Health insurance, flexible work schedules and generous leave policy and a professional development budget

You’ll Fit Right In If You

• Love asking “why?”

• Value solving problems over just completing tasks

• Understand sync vs. async communication practices

• Thrive in ambiguity and change

• Actively seek feedback

• Prioritise impact over activity

About the Interview Process

The interview process will have a round with the talent team, a hiring manager round and a case study round with a panel