Governance, Risk, and Compliance (GRC) Specialist - Remote

Overview

This role plays a leading part in ensuring risk management and cybersecurity governance are carried out at scale, helping keep product used by more than 110 million travellers safe and secure. You'll play a leading role in protecting Skyscanner against security risks, by implementing governance, risk and compliance (GRC) at scale in an agile and entrepreneurial way. You will drive work to reduce toil for control owners, increase visibility across the company, and develop continuous monitoring and reporting. You'll be empowered to engage and work cross-functionally, creating a strong security baseline. You'll be part of the Security team in setting the vision, roadmap, assessing risks and efforts to secure the company across teams and departments. We are looking for people who are experienced, proactive, humble and also highly skilled. And whatever the problem, you’ll connect the dots to help find the right solution by inspiring teams to work together.

In Short

• Coordinate third-party risk assessments and vendor security compliance.
• Monitor, report, and propose improvements for security risks, policies, and compliance (NIST CSF).
• Maintain the enterprise risk register and collaborate with leadership on risk appetite and tolerance.
• Implement and scale Governance, Risk, and Compliance (GRC or equivalent experience) frameworks, including automation of monitoring and reporting processes.
• Lead company-wide information security training and develop targeted initiatives to raise awareness across the organization.
• Work collaboratively to integrate security into processes and company culture, ensuring effective communication of complex security concepts.

Requirements

• Extensive experience in information security, particularly in cloud environments.
• Expertise in third-party risk management and vendor evaluations.
• Proficiency with GRC tools (e.g., RiskSmart) and governance automation.
• Strong problem-solving skills and a proactive, team-oriented approach.
• We believe when people meet regularly in person, we are better able to innovate, learn, collaborate and encourage.

Benefits

• Medical insurance.
• Headspace subscription.
• Home office allowance.
• Option to buy more holidays.
• Opportunity to work from any country for 4 weeks a year.
• 30 days in our other global offices.