Cybersecurity Compliance & Assurance Analyst

Helsinki, Uusimaa, Finland

Verifone

Verifone helps businesses of all industries and sizes worldwide accept cashless payments.

Why Verifone

For more than 40 years Verifone has established a remarkable record of leadership in the electronic payment technology industry. Verifone has one of the leading electronic payment solutions brands and is one of the largest providers of electronic payment systems worldwide.

Verifone has a diverse, dynamic and fast-paced work environment in which employees are focused on results and have opportunities to excel. We take pride in the fact that we work with leading retailers, merchants, banks, and third-party partners to invent and deliver innovative payment solutions around the world. We strive for excellence in our products and services, and are obsessed with customer happiness. Across the globe, Verifone employees are leading the payments industry through experience, innovation, and an ambitious spirit. Whether it’s developing the next platform of secure payment systems or searching for new ways to bring electronic payments to new markets, the team at Verifone is dedicated to the success of our customers, partners and investors. It is this passion for innovation that drives each one of our employees for personal and professional success.

What's exciting about the role

We are seeking a Cyber Security Compliance & Assurance Analyst to support and ensure compliance with international financial and cybersecurity regulations, including the Digital Operational Resilience Act (DORA), BaFin guidelines, France’s RAMPART framework, Canada’s Retail Payments Activities Act (RPAA), and Prudential Supervision and Resolution Authority (ACPR) requirements. The ideal candidate will have expertise in regulatory compliance, risk management, and operational resilience, with a strong understanding of financial systems and cybersecurity best practices.

Key Responsibilities:

  • Regulatory Compliance: Monitor, interpret, and ensure compliance with relevant regulations (DORA, BaFin, RAMPART, RPAA, ACPR). Develop and maintain compliance programs, policies, and procedures to align with these regulations. Collaborate with legal and regulatory teams to stay updated on regulatory changes and implement necessary adjustments.
  • Risk Management: Conduct risk assessments related to cybersecurity, ICT, and operational resilience. Develop and oversee frameworks for managing ICT risks, including third-party vendor risk management. Establish protocols for incident reporting and response in line with regulatory requirements. Oversee third-party cybersecurity risk management, ensuring vendors comply with security standards and regulatory requirements. Implement and maintain internal cybersecurity risk management practices, including maintaining a cybersecurity risk register and regular risk reporting to senior leadership.
  • Audit and Reporting: Prepare and submit regulatory reports to relevant authorities (e.g., BaFin, ACPR). Support internal and external audits, ensuring all documentation is accurate and up-to-date. Conduct gap analyses to identify areas of non-compliance and recommend corrective actions. Perform cybersecurity audit reviews to assess the organization’s preparedness and compliance with regulatory requirements and best practices.
  • Training and Awareness: Conduct training sessions for employees and stakeholders on compliance requirements and best practices. Promote awareness of regulatory updates and their impact on organizational operations.
  • Collaboration and Stakeholder Engagement: Work with cross-functional teams, including IT, legal, and operations, to embed compliance into daily processes. Act as the primary point of contact for regulatory bodies and external auditors.

Skills and Experience we desire

  • Degree qualified in Cybersecurity, Business Administration, Law, or a related field
  • 2+ years of experience in regulatory compliance, risk management, or a related role within the financial sector
  • Deep understanding of financial regulations, including DORA, BaFin, RAMPART, RPAA, and ACPR frameworks
  • Knowledge of cybersecurity principles, operational resilience, and ICT risk management
  • Strong analytical, organizational, and problem-solving skills
  • Excellent written and verbal communication skills, with fluency in English (additional languages like German or French are a plus)
  • Relevant certifications (e.g., CISA, CRISC, CAMS, or similar) are highly desirable
  • Detail-oriented with the ability to manage multiple tasks and deadlines
  • Strong interpersonal skills to effectively work with diverse teams and regulatory bodies
  • Proficiency in compliance tools, risk management software, and data analytics platforms

Our commitment

Verifone is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Verifone is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Tags: Analytics Audits CISA Compliance CRISC Data Analytics Risk assessment Risk management

Region: Europe
Country: Finland
