Security GRC (Governance, Risk and Compliance) Specialist (Relocation to MNE)

Libertex Group Overview

Established in 1997, the Libertex Group has helped shape the online trading industry by merging innovative technology, market movements and digital trends. 

The multi-awarded online trading platform, Libertex, enables traders to access the market and invest in stocks or trade CFDs with underlying assets being commodities, Forex, ETFs, cryptocurrencies, and others.

A firm believer in the power of sports to inspire, empower and push for success, Libertex is the Official Online Trading Partner of KICK Sauber F1 Team.

We build innovative fintech so people can #TradeForMore with Libertex.

Job Overview 

This role is responsible for managing internal security GRC (Governance, Risk, and Compliance) programs, collaborating with Security, IT, and corporate teams to identify and reduce cybersecurity risks.

Responsibilities:

• Develop, implement, and improve cybersecurity and third-party risk management frameworks.
• Identify, assess, and mitigate cybersecurity risks; conduct gap analyses and internal security reviews.
• Support IT compliance, audits, and regulatory requests; manage related documentation and reporting.
• Collaborate on vendor assessments, contract reviews, and AI safety/security initiatives.
• Contribute to business continuity, disaster recovery, and data governance planning.
• Maintain and improve security policies, standards, and awareness programs (incl. phishing simulations).
• Assess new systems/applications from a security perspective; integrate security tools into GRC workflows.
• Automate compliance monitoring, access control reviews, and IAM processes.

Requirements

• 5+ years of experience in security governance, risk management, third-party risk, and security assessments
• Proven experience with data governance, business continuity, disaster recovery, and security policy implementation
• Solid knowledge of industry frameworks (ISO 27001, SOC2, NIST, COSO) and regulatory standards (DORA, GDPR, PCI-DSS)
• Understanding of core security engineering concepts (IAM, encryption, logging)
• Experience with process/task automation and use of security tools
• Strong analytical thinking, attention to detail, and ability to work both independently and in a team
• Excellent communication skills for both technical and non-technical audiences
• Fluent in English (spoken and written)
• Bachelor’s degree in Cybersecurity, Information Systems Engineering, or a related field

Will be a plus:

• Experience working in or managing a Blue Team
• Background in threat intelligence initiatives
• Relevant certifications (e.g., CISSP, CRISC, Security+)
• Experience in fintech or online business environments

Benefits

• Work in a pleasant and enjoyable environment near the Montenegrin sea or mountains
• Quarterly bonuses based on Company performance
• Generous relocation package for the employee and their immediate family/partner 
• Medical Insurance Plan with coverage for the employee and their immediate family from day one
• 24 working days of annual leave 
• Yearly reimbursement of travel expenses for the employee and family's flight home
• Corporate events and team building activities
• Udemy Business unlimited membership & language training courses 
• Professional and personal development opportunities in a fast-growing environment

Libertex Group is an equal opportunity employer, fostering an inclusive and diverse environment. We do not discriminate based on any characteristic protected by the law. Candidate privacy is respected, and all data is securely stored and used solely for recruitment purposes, in line with GDPR and our internal policies. Unsuccessful applicants may have their data retained for future opportunities unless deletion is requested.