Security GRC Lead EMEA (F/M/D)

Flowdesk's mission is to build a global financial institution for digital assets, one designed from the ground up for market integrity and efficiency.

To achieve this in a rapidly evolving market, we apply a disciplined, first-principles approach to everything we do. This approach is embedded in our core services, from institutional liquidity provision, trading solutions, OTC execution to our comprehensive treasury management offerings. This is how we cut through the noise and build robust and scalable systems across all our business lines.

Therefore, we seek individuals who are driven by this systematic approach. Joining Flowdesk means you will be a key contributor in building and scaling a more transparent and efficient financial markets infrastructure.

We are hiring a Security GRC Lead to own our non-technical security governance. You will run the enterprise risk register, lead third-party risk management, keep audit evidence and policies solid, and provide governance around identity and access management. This is an autonomous lead IC role focused on outcomes and pragmatic enablement

Your mission will be to

• Own the risk program - maintain the risk register, coordinate reviews, track treatments, and report status
• Lead third-party risk management - intake/tiering, due diligence, issues tracking, re-assessments
• Drive audit/compliance readiness - manage evidence, control attestations, and audit responses; keep procedures/policies current
• Provide governance for identity/access (IDP/IAM/access reviews) with Security/IT/Engineering
• Offer clear, practical security guidance to teams; partner rather than police

• Hands-on risk and TPRM experience in regulated environments (financial services strongly preferred)
• Strong audit/compliance capability- evidence collection, policy/procedure drafting, control verification
• Governance-first profile (non-technical cybersecurity focus)
• Self-starter who takes ownership and delivers with minimal handholding
• Crypto industry experience is a plus; crypto curiosity welcomed

• International environment (English is the main language)
• 100% health coverage
• Team events and offsites

Recruitment process

Are you interested in this job but feel you haven't ticked all the boxes? Don't hesitate to apply and tell us in the cover letter section why we should meet

Here's what you can expect if you apply

1. HR Call with our Tech Talent Acquisition (30’)
2. Technical interview with Our Cybersecurity Director (60’)
3. Technical Meeting with our Internal Control Lead (45’)
4. C- Level interview with our CRO (30’)
5. Wrap up interview with our TA Team (45’)
6. C-Level interview (30’)
   

On the agenda, discussions rather than trick questions! These moments of exchange will allow you to understand how Flowdesk works and its values. But they are also (and above all) an opportunity for you to present your career path and your expectations for your next job.