Fortris is a leading provider of digital asset integration services for enterprise treasury operations. Founded in 2017 by a team of payment and security veterans, Fortris gives organizations the technology and expertise to embrace digital asset transformation in a secure and simplified manner.
With people from all across the globe, our talented team has built a working environment that encourages both personal and professional growth. We are proud to have been ranked by Great Place To Work® as one of the top five Málaga workplaces in our size category, and we have also been recognized by the Financial Times as one of Europe’s fastest-growing companies.
See fortris.com/careers for more about what we do, our values, and our employee perks.
Your Mission:
We’re looking for a Senior GRC Analyst with a sharp eye for risk, deep understanding of compliance frameworks, and a passion for protecting what matters most. In this role, you’ll help shape our governance, risk, and compliance posture as we scale in a highly regulated and fast-evolving environment. You’ll support our global risk strategy, drive control implementation, and act as a bridge between compliance obligations and day-to-day business operations.
You will work closely with the Security, Product Security, and Engineering teams, taking ownership of cross-functional risk and compliance initiatives while ensuring Fortris stays one step ahead of regulatory requirements.
What You'll Do:
- Execute and continuously enhance GRC processes, including risk assessments, compliance monitoring, and policy governance
- Maintain and update the enterprise risk register, mapping controls and mitigation efforts to key risks
- Support audit readiness and lead evidence collection for frameworks like ISO 27001, SOC 2, GDPR, DORA and other regulatory regimes
- Coordinate internal control reviews and ensure that controls are effectively designed, implemented, and maintained
- Contribute to the development and refinement of policies, standards, and procedures across the organization
- Collaborate with Security, Product Security and Engineering to integrate governance and compliance into operational practices
- Track regulatory changes and assess their impact on Fortris’s compliance and risk landscape
- Support compliance training and awareness initiatives across all business functions
- Work cross-functionally to assess risk in third-party vendors and support onboarding diligence
- Generate clear, actionable reports and dashboards for internal stakeholders, including leadership
What You'll Bring:
- Fluent level of English and strong written communication skills
- Minimum of 5 years of experience in GRC, Compliance, Risk Management or related functions
- In-depth knowledge of regulatory frameworks and standards like ISO 27001, SOC 2, NIST, GDPR, and others relevant to fintech/crypto
- Hands-on experience with risk assessments, control design, compliance audits, and policy management
- Experience working with GRC platforms (e.g. LogicGate, ServiceNow GRC, OneTrust) and audit workflows
- Familiarity with security and privacy best practices in SaaS or financial services environments
- Excellent problem-solving abilities and a pragmatic approach to risk mitigation
- Strong interpersonal skills with the ability to influence across teams
- Certifications such as CRISC, CISA, CGRC, or similar are a plus
What We Offer:
- A remote-first culture, empowering you to work from anywhere
- 25 paid vacation days + in lieu allowance for public holidays (depending on location)
- Flexible working hours
- Private health insurance (or equivalent benefits based on location)
- Free optional English lessons
- Personal training budget to support your development
- Team building and company social events
- Cutting-edge tech and Apple equipment