Security GRC Analyst

About Revolut

People deserve more from their money. More visibility, more control, and more freedom. Since 2015, Revolut has been on a mission to deliver just that. Our powerhouse of products — including spending, saving, investing, exchanging, travelling, and more — help our 65+ million customers get more from their money every day.

As we continue our lightning-fast growth,‌ 2 things are essential to our success: our people and our culture. In recognition of our outstanding employee experience, we've been certified as a Great Place to Work™. So far, we have 10,000+ people working around the world, from our offices and remotely, to help us achieve our mission. And we're looking for more brilliant people. People who love building great products, redefining success, and turning the complexity of a chaotic world into the simplicity of a beautiful solution.

About The Role

Revolut's Talent team is pivotal to how we support our people and manage a seamless experience for them each day. From onboarding to line manager coaching and development, our goal is to create a partnership with our teams that’s people-centric and value-adding.

We're looking for a Security GRC Analyst to help strengthen our global Physical Security Governance, Risk, and Compliance programme. You'll support the development of controls, policy frameworks, and regulatory tracking systems to ensure a safe, scalable, and auditable security environment.

You’ll work cross-functionally with Cybersecurity, Risk, Legal, IT, and Operations teams, gaining hands-on experience in real-world compliance and risk management.

Up for the challenge? Let’s get in touch.

What You'll Be Doing

• Conducting and supporting physical security risk assessments and control gap analyses (e.g., ISO 27001)
• Drafting, maintaining, and reviewing security governance documents (e.g., policies, standards, and procedures)
• Tracking and monitoring compliance obligations across regions (e.g., GDPR, ISO 22301, ISO 27001)
• Preparing for and supporting audits (internal/external) by gathering evidence and coordinating stakeholder input
• Monitoring regulatory developments and evolving industry standards related to physical and information security
• Assisting in developing business continuity and resilience documentation alongside Legal and Operations teams
• Building reports and dashboards to communicate compliance status and GRC metrics to leadership
• Collaborating on process improvement initiatives and risk mitigation plans
  
  

What You'll Need

• 2+ years of experience in a risk, compliance, or security analyst role
• An understanding of GRC principles (policies, risk assessments, and compliance tracking)
• Familiarity with standards and frameworks, such as ISO 27001, ISO 22301, GDPR, NIST
• Proficiency in Google Sheets/Excel for documentation, data tracking, and reporting
• Awareness of IT systems, cybersecurity principles, and physical security controls
• Excellent writing skills for policies, reports, and stakeholder communications
• Impeccable attention to detail
• Great organisational skills and follow-through
• A self-motivated, analytical mindset with a proactive approach to learning and problem-solving
  
  

Nice to have

• Exposure to GRC software platforms (e.g., LogicManager, Archer, ServiceNow GRC)
• Experience with client assurance, due diligence, or responding to security questionnaires
• Knowledge of physical security systems (e.g., access control, CCTV, incident tracking)
• Familiarity with project management basics or experience working cross-functionally
• An understanding of IT disaster recovery and business continuity planning
• A CompTIA Security+, ISO 27001 Foundation, CBCI, CISA, or similar certification
  
  

Building a global financial super app isn’t enough. Our Revoluters are a priority, and that’s why in 2021 we launched our inaugural D&I Framework, designed to help us thrive and grow everyday. We're not just doing this because it's the right thing to do. We’re doing it because we know that seeking out diverse talent and creating an inclusive workplace is the way to create exceptional, innovative products and services for our customers. That’s why we encourage applications from people with diverse backgrounds and experiences to join this multicultural, hard-working team.

Important notice for candidates:

Job scams are on the rise. Please keep these guidelines in mind when applying for any open roles.

• Only apply through official Revolut channels. We don’t use any third-party services or platforms for our recruitment.
• Always double-check the emails you receive. Make sure all communications are being done through official Revolut emails, with an @revolut.com domain.
  
  

We won't ask for payment or personal financial information during the hiring process. If anyone does ask you for this, it’s a scam. Report it immediately.

By submitting this application, I confirm that all the information given by me in this application for employment and any additional documents attached hereto are true to the best of my knowledge and that I have not wilfully suppressed any material fact. I confirm I have disclosed if applicable any previous employment with Revolut. I accept that if any of the information given by me in this application is in any way false or incorrect, my application may be rejected, any offer of employment may be withdrawn or my employment with Revolut may be terminated summarily or I may be dismissed. By submitting this application, I agree that my personal data will be processed in accordance with Revolut's Candidate Privacy Notice