GRC Analyst

An Introduction to Primer

Primer is the unified infrastructure for global payments. We give finance and payments teams the visibility and control to reduce complexity, improve performance, and capture more revenue - all from a single platform.

Backed by Sofina, Peak XV Partners, ICONIQ, Tencent, Accel, and Balderton, we're building the payments layer the world's best companies rely on.

Watch our showcase >

Read up on our $100m Series C

Learn more about our culture >

ABOUT THE ROLE

We're looking for a GRC Analyst to take ownership of our Governance, Risk & Compliance program. As our regulatory footprint and customer trust requirements have grown, we're investing in a dedicated GRC function to ensure we maintain a strong, continuous compliance posture.

This is a mid-level, individual contributor role reporting into the engineering/security organisation. You'll partner closely with engineers as subject-matter experts while owning the day-to-day execution and operational rhythm of GRC across the business.

WHAT YOU'LL OWN

AUDIT READINESS & EVIDENCE OPERATIONS

Maintain a year-round evidence calendar, run continuous control monitoring, and coordinate with external auditors.

EXTERNAL TRUST REQUESTS

Own inbound security questionnaires, vendor assessments, and RFP responses. Maintain a response library so we can turn these around quickly and consistently, keeping deals and procurement moving.

FRAMEWORK-DRIVEN PROGRAMS

Coordinate risk assessments, partner on security awareness and training programs, and govern vulnerability management processes. With obligations spanning PCI DSS, DORA, NIS2, and the EU AI Act, you'll help us stay ahead of evolving requirements.

POLICY LIFECYCLE MANAGEMENT

Maintain policies, manage exceptions, monitor for violations, and drive remediation follow-through. You'll be the single point of accountability for keeping our policy...