MLW LogoMost Loved Workplace® Certified Job

IT Governance, Risk & Compliance (GRC) Specialist, Luxembourg

MLW LogoAssessed by Most Loved Workplace®
92% of candidates apply because they are a Most Loved Workplace®
Luxembourg
8505 Bridge - G&A
This position may no longer be active.View all open positions at Stripe

About the Role

At Stripe, a Most Loved Workplace® certified employer in the Financial Services space, Economic infrastructure for the internet, powering ambitious businesses globally..

<h2>Who we are</h2>

<h3>About Stripe</h3>

<p>Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone's reach while doing the most important work of your career.</p>

<h3>About the team</h3>

<p>Bridge Building S.A. (BBSA) is the Luxembourg regulated entity of Bridge, a Stripe company. We operate as an EMI and future CASP in one of Europe's most demanding regulatory environments (CSSF, DORA, MiCA).</p>

<p>BBSA is building a local regulated platform powered by a global-first technology model.</p>

<h2>What you'll do</h2>

<p>In this context, we're looking for an IT GRC Analyst to act as the bridge between strict European regulations and high-velocity global engineering.</p>

<p>This role is the control and risk right hand of the Bridge Global CISO. While our global teams build the tech, you ensure it is compliant, resilient, and audit-ready. You'll translate requirements like DORA and MiCA into tangible IT controls, oversee third-party risks, and maintain the integrity of our governance framework.</p>

<p>This is not a tick-the-box compliance role. It is an operational position for a professional who understands technology well enough to govern it effectively. You'll have high visibility, owning the frameworks that allow us to scale securely.</p>

<h3>Responsibilities</h3>

<p>IT governance and risk management • Maintain and evolve the IT Risk Register, ensuring risks are identified, assessed, and treated in line with Stripe's risk appetite. • Drive the local implementation of the DORA (Digital Operational Resilience Act) framework, including ICT risk management and incident classification. • Bridge the gap between technical reality and policy by drafting, reviewing, and updating IT policies and procedures. • Perform periodic control testing to ensure global engineering practices align with local regulatory requirements. • Act as the primary support to the local Head of IT.</p>

<p>Third-party risk management (TPRM) • Support ICT due diligence and risk assessments of critical vendors and service providers, while assisting with Developer and Customer Oversight. • Monitor service level agreements and performance metrics of critical vendors, challenging performance where necessary. • Act as the primary support to the outsourcing manager regarding technical vendor oversight.</p>

<p>Access governance and control (IAG) • Oversee the identity and access governance strategy, including adherence to Segregation of Duties, principle of least privilege, and others. • Conduct periodic user access reviews for critical systems.</p>

<p>Regulatory compliance and audit readiness • Act as the primary liaison for internal audit regarding IT topics. • Prepare technical inputs and evidence for CSSF notifications and regulatory reporting. • Monitor compliance with GDPR and data privacy controls (e.g., DLP oversight, data residency). • Coordinate business continuity (BCP) and disaster recovery (DR) testing documentation and reporting.</p>

<p>Incident governance • Oversee the IT incident management process to ensure proper classification, reporting, and root cause analysis (RCA). • Ensure major incidents are reported to regulators within mandated timeframes, in collaboration with Compliance.</p>

<h2>Who you are</h2>

<h3>Minimum requirements</h3>

<ul>

<li>Bachelor's or Master's degree in Information Systems, Cybersecurity, or Business Administration, with a strong IT focus.</li>

<li>3–6 years of experience in IT audit, IT risk, GRC, or information security. • High professional fluency in English.</li>

</ul>

<h3>Preferred qualifications</h3>

<ul>

<li>Experience in a regulated sector (Banking, Fintech, or Insurance).</li>

<li>Experience at a large-scale public accounting firm in IT risk advisory.</li>

<li>Experience with CSSF circulars, EBA guidelines, or DORA.</li>

<li>Strong understanding of ISO 27001, NIST, or COBIT.</li>

<li>Understanding of cloud fundamentals (AWS).</li>

</ul>

Want to learn more about what it's like to work at Stripe? View our full profile.

MLW Logo

Why This Is a Most Loved Workplace® Certified Job

What It's Like to Work Here

Lightbulb Problem-Solving Excellence
Globe Global Perspective
Users Customer Obsession
Zap Ownership Mentality
Target Long-term Thinking

Frequently Asked Questions About Working at Stripe

Common questions candidates ask about this role and Stripe's workplace

Stripe powers online and in-person payment processing and financial solutions for businesses of all sizes.

Please review the specific job listing or contact Stripe's recruiting team for details on remote or hybrid work options for this role.

Salary information may vary by role and location. Please check the specific job listing or discuss compensation during the interview process.

Stripe is an established organization in its industry. The company focuses on maintaining a supportive workplace culture for all employees.

Key benefit categories include: Health & Wellness, Financial & Lifestyle, Learning & Development, Work Environment. You can view more details on their CertCheck profile.

The day-to-day environment is guided by core values such as Problem-Solving Excellence and Global Perspective and Customer Obsession.

The company has committed to inclusive practices including: Invest in Growth and Development and Foster Psychological Safety and Inclusion.

Stripe has a supportive and collaborative culture, recognized as a loved place to work by its team members.

Stripe currently has 490 open positions. They are hiring across departments like 1650 AI GTM Strategy & Solutions, 1195 Account Executives (APAC), 1175 Enterprise - Account Executives (NA). You can view all current openings at certcheck.mostlovedworkplace.com/companies/stripe/jobs.

The interview process typically involves an initial recruiter screen followed by team interviews. Please contact Stripe's recruiting team for specific details on this role's process.

Apply for IT Governance, Risk & Compliance (GRC) Specialist, Luxembourg

Submit your application directly to the Stripe team. Let them know why you'd be a great addition to their loved place to work.

Most Loved Workplace® Logo
Powered by Most Loved Workplace®

The global standard for company culture certification and employer of choice visibility.

Learn more about Most Loved Workplace®