Cybersecurity GRC Analyst

Get AI-powered advice on this job and more exclusive features.

Bitcoin Depot is seeking a Cybersecurity GRC Analyst with 3-5 years of experience in the financial services industry to support our governance, risk, and compliance (GRC) initiatives. The ideal candidate will be key in ensuring regulatory compliance, enhancing risk management practices, and strengthening security controls. Responsibilities include coordinating internal and external security audits and collaborating with our compliance team, auditors, and cybersecurity personnel.

Bitcoin Depot is the largest Bitcoin ATM network globally, enabling users to buy and sell Bitcoin at thousands of locations. We are recognized as a Top Workplace by the Atlanta Journal-Constitution for 2021 and 2022, featured on the Inc. 5000 list, and on the ACG Georgia Fast 40 list for two consecutive years. We are publicly traded on NASDAQ under the ticker BTM.

The successful candidate will possess the following skills and experience:

• Support Information Security governance and ensure compliance with cybersecurity policies and standards.
• Knowledge of financial regulations such as SOX, SEC, CCPA/CRPA, GDPR, and Australia Privacy Act.
• Collaborate with IT Operations and Compliance teams to identify and resolve cybersecurity risks.
• Develop and maintain GRC policies based on NIST 800-53.
• Manage security training and awareness programs.
• Conduct security testing activities, including penetration tests and disaster recovery exercises.
• Oversee audits, certifications, and security questionnaires.
• Generate security metrics and reports for leadership and audit committees.
• Stay informed on regulatory changes and advise accordingly.

• Perform risk assessments and identify control gaps.
• Develop risk mitigation strategies with stakeholders.
• Support third-party risk management processes.
• Improve business continuity and incident response plans.

• Create risk and compliance dashboards and reports.
• Educate staff on security policies and best practices.
• Serve as liaison with auditors and regulators.

• 3+ years in GRC, risk management, compliance, or IT audit, preferably in banking, fintech, or financial services.
• Strong knowledge of relevant financial regulations.
• Familiarity with risk frameworks like NIST and ISO 27001.
• Certifications such as CISA, CRISK, CISM, CISSP.
• Excellent communication and interpersonal skills.
• Ability to translate technical security standards into business language.
• Experience with audits such as GDPR, SOC Type I/II.
• Experience with third-party vendors and security assessments.
• Knowledge of cloud platforms (AWS, Azure, GCP).

• 401K matching
• Health benefits
• Paid wellness membership
• Equity options
• Paid time off and holidays
• Team-building events (virtual and in-person)
• Remote-first environment

Bitcoin Depot is an equal opportunity employer committed to diversity and inclusion in the workplace.