← All jobs · Stripe

IT Governance, Risk & Compliance (GRC) Specialist, Luxembourg

Stripe ·
10
AI-Agency
B5 U20
📍 Luxembourg, LU Mid 3–6+ yrs
AWSISO 27001NISTCOBIT
TL;DR

IT GRC Specialist at Stripe's Luxembourg regulated entity (BBSA), supporting DORA, MiCA, and CSSF compliance. Bridges engineering and regulatory requirements through risk management, vendor oversight, and audit readiness.

Apply at Stripe →
share:
you'll be redirected to the company's career page

Job description

Secure and Scale a Regulated Fintech Platform at the Heart of Stripe

Bridge Building S.A. (BBSA) is the Luxembourg regulated entity of Bridge, a Stripe company. We operate as an EMI and future CASP in one of Europe’s most demanding regulatory environments (CSSF, DORA, MiCA).

BBSA is building a local regulated platform powered by a global-first technology model. In this context, we are looking for a sharp IT GRC Analyst to act as the bridge between strict European regulations and high-velocity global engineering.

This role is the control and risk right hand of the Bridge Global CISO. While our global teams build the tech, you ensure it is compliant, resilient, and audit-ready. You will translate requirements like DORA and MiCA into tangible IT controls, oversee third-party risks, and maintain the integrity of our governance framework.

This is not a "tick-the-box" compliance role. It is a operational position for a professional who understands technology well enough to govern it effectively. You will have high visibility, owning the frameworks that allow us to scale securely.

Key Responsibilities

  1. IT Governance & Risk Management
    • Maintain and evolve the IT Risk Register, ensuring risks are identified, assessed, and treated in line with the company’s risk appetite.
    • Drive the local implementation of the DORA (Digital Operational Resilience Act) framework, including ICT risk management and incident classification.
    • Bridge the gap between technical reality and policy by drafting, reviewing, and updating IT policies and procedures.
    • Perform periodic control testing to ensure global engineering practices align with local regulatory requirements.
    • Act as primary support to the local Head of IT
  2. Third-Party Risk Management (TPRM)
    • Support ICT due diligence and risk assessments of critical vendors and service providers, while assisting with  Developer / Customer Oversight.
    • Monitor SLAs and KPIs of critical vendors, challenging performance where necessary.
    • Act as the primary support to the Outsourcing Manager regarding technical vendor oversight.
  3. Access Governance & Control (IAG)
    • Oversee the Identity & Access Governance strategy, including but not limited to adherence to Segregation of Duties, principle of least privileges and others.
    • Conduct periodic User Access Reviews for critical systems.
  4. Regulatory Compliance & Audit Readiness
    • Act as the primary liaison for Internal Audit regarding IT topics.
    • Prepare technical inputs and evidence for CSSF notifications and regulatory reporting.
    • Monitor compliance with GDPR/Data Privacy controls (e.g., DLP oversight, data residency).
    • Coordinate Business Continuity (BCP) and Disaster Recovery (DR) testing documentation and reporting. 
  5. Incident Governance
    • Oversee the IT incident management process to ensure proper classification, reporting, and root cause analysis (RCA).
    • Ensure major incidents are reported to regulators within mandated timeframes (in collaboration with Compliance).

 

Candidate Profile

Education

Experience

Core Competencies

Languages

Mindset

Apply at Stripe →

More open roles at Stripe

Stripe 🔷 AI-first · 🔄 synced 7h ago
Forward Deployed AI Accelerator, Marketing
📍 Singapore, SG 🛠 AI tools welcome at work · Mid
Forward Deployed AI Accelerator at Stripe embedded with marketing teams to build AI agents, automations, and tools that transform workflows. Coach marketers through AI adoption and scale successful patterns across the organization.
ClaudeClaude CodePythonAPI integrationsworkflow automation
87
AI-core
Stripe 🔷 AI-first · 🔄 synced 7h ago
Forward Deployed AI Accelerator, Marketing
📍 US 🌐 Remote 🛠 AI tools welcome at work · Mid
Forward Deployed AI Accelerator at Stripe embedded with marketing teams to build AI agents, automations, and tools that transform workflows. Coach marketers through AI adoption and scale successful patterns across the organization.
ClaudeClaude CodePythonAPI integrationsworkflow automation
87
AI-core
Stripe 🔷 AI-first · 🔄 synced 7h ago
Forward Deployed AI Accelerator, Marketing
📍 US 🌐 Remote 🛠 AI tools welcome at work · Mid
Forward Deployed AI Accelerator at Stripe embedded with marketing teams to build AI tools, agents, and automations that transform workflows. Coaches marketers through AI adoption and scales successful patterns across the organization.
ClaudeClaude CodePythonAPI integrationsworkflow automation
83
AI-core
Stripe 🔷 AI-first · 🔄 synced 7h ago
Design Program Manager, AI
📍 US 🌐 Remote 🛠 AI tools welcome at work · Mid
Design Program Manager at Stripe focused on integrating AI tools and agents into design workflows. Build custom AI-powered tooling, coach designers to adopt agentic workflows, and scale transformations across the design organization.
81
AI-core
Stripe 🔷 AI-first · 🔄 synced 7h ago
AI Specialist, Treasury Finance Operations
📍 Bengaluru, IN 🛠 AI tools welcome at work · Mid
AI Specialist at Stripe building AI agents and automation solutions for Treasury Finance Operations. Focus on operationalizing LLM-based agents for cash forecasting, bank account management, and workflow automation using internal agentic platforms.
PythonSQLLangChainLangGraphDatabricksAWS
79
AI-core