Jobs › IT Governance, Risk & Compliance (GRC) Specialist, Luxembourg
IT Governance, Risk & Compliance (GRC) Specialist, Luxembourg
Role at a glance
- Category
- Compliance
- Work arrangement
- On-site
- Location
- Luxembourg
- Posted
- Jun 13, 2026
Stripe is hiring a IT Governance, Risk & Compliance (GRC) Specialist, Luxembourg in Luxembourg. This is a Compliance role in the governance, risk, and compliance field. Review the full details below and apply directly with Stripe.
Who we are About Stripe Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world s largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead. That means you have an unprecedented opportunity to put the global economy within everyone s reach while doing the most important work of your career. About the team Bridge Building S.A. (BBSA) is the Luxembourg regulated entity of Bridge, a Stripe company. We operate as an EMI and future CASP in one of Europe s most demanding regulatory environments (CSSF, DORA, MiCA). BBSA is building a local regulated platform powered by a global-first technology model. What you ll do In this context, we re looking for an IT GRC Analyst to act as the bridge between strict European regulations and high-velocity global engineering. This role is the control and risk right hand of the Bridge Global CISO. While our global teams build the tech, you ensure it is compliant, resilient, and audit-ready. You ll translate requirements like DORA and MiCA into tangible IT controls, oversee third-party risks, and maintain the integrity of our governance framework. This is not a tick-the-box compliance role. It is an operational position for a professional who understands technology well enough to govern it effectively. You ll have high visibility, owning the frameworks that allow us to scale securely. Responsibilities IT governance and risk management • Maintain and evolve the IT Risk Register, ensuring risks are identified, assessed, and treated in line with the company s risk appetite. • Drive the local implementation of the DORA (Digital Operational Resilience Act) framework, including ICT risk management and incident classification. • Bridge the gap between technical reality and policy by drafting, reviewing, and updating IT policies and procedures. • Perform periodic control testing to ensure global engineering practices align with local regulatory requirements. • Act as the primary support to the local Head of IT. Third-party risk management (TPRM) • Support ICT due diligence and risk assessments of critical vendors and service providers, while assisting with Developer and Customer Oversight. • Monitor service level agreements and performance metrics of critical vendors, challenging performance where necessary. •
Full responsibilities and requirements are on Stripe's application page.
Apply for this role →Location and market context
This role is based in Luxembourg on-site. Local candidates benefit from being close to Stripe's teams and regional hiring market. Confirm the exact in-office expectation and any relocation support with the employer.
About compliance roles
Compliance programs turn law, regulation, and policy into controls the business can actually run. Demand is strongest where regulatory change, enforcement risk, and new technology intersect. Roles like this one are typically evaluated against frameworks such as relevant regulatory frameworks, control libraries, and audit and monitoring practices.
How to position yourself for this compliance role
Strong candidates emphasize building and monitoring controls, regulatory mapping, policy and training, and partnering with the business to make compliance practical. In your resume and outreach, tie your experience to how Stripe would apply relevant regulatory frameworks, control libraries, and audit and monitoring practices, and lead with concrete outcomes rather than duties.
Similar GRC roles
More GRC jobs: All GRC roles · Browse by category & location