Home
Recruiter
Sign In

GRC Analyst

Remote from
Europe flag
Europe
Annual salary
Undisclosed
Salary information is not provided for this position. Check our Salary Directory to estimate the average compensation for similar roles.
Department
Legal & Compliance
Employment type
Full Time,
Job posted
Apply before
16 Jul 2026
Experience level
Midweight
Views / Applies
19 / 3
About company Share

About Mesh

Mesh is building the first global crypto payments network—pay or get paid instantly, from any wallet, on any chain, anywhere in the world.

Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

Mesh is seeking a GRC Analyst to build and mature compliance programs for its crypto payments platform. The role involves owning controls, supporting SOC 2 and regulatory licensing (MiCA, MTL), managing vendor risk, and developing business continuity plans. Candidates need 3-5 years of hands-on GRC experience with frameworks like SOC 2, NIST, or PCI. This is a high-growth, collaborative environment with significant ownership and fast-paced execution.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight The role requires expertise in multiple compliance frameworks and regulatory landscapes, but with 3-5 years of expected experience, it is manageable for an experienced GRC professional.

Salary Analysis

Median Highly Competitive
$115,000
US Market
$80k – 150k
0 $165k
AI Insight The job posting does not specify a salary, but based on market data for GRC Analysts in fintech/crypto, the estimated median is $115,000, which is competitive for the role's requirements and industry.

Key Skills

SOC 2 NIST Compliance Risk Management Business Continuity Vendor Risk Crypto Fintech GRC Regulatory

Dear Hiring Manager,

I am excited to apply for the GRC Analyst position at Mesh. With 4 years of hands-on experience building and maturing compliance programs in fintech environments, I have a strong track record of implementing SOC 2, NIST, and regulatory frameworks like NYDFS. At my current role, I led the vendor risk assessment process and developed a Business Continuity plan that reduced recovery time by 30%.

Mesh's mission to bridge crypto and everyday commerce resonates with my passion for building scalable, trust-centered systems. I am particularly drawn to the opportunity to support MiCA and MTL licensing while working with a dynamic team. I am eager to bring my expertise in controls management and issue remediation to help Mesh scale securely.

Thank you for considering my application. I look forward to discussing how I can contribute to your team.

Sincerely, [Your Name]

Can you describe your experience with SOC 2 compliance implementation?
In my previous role, I led the SOC 2 Type II audit preparation, including mapping controls, collecting evidence, and coordinating with auditors. I also helped remediate findings and implemented continuous monitoring using a GRC platform.
How would you approach building a Business Continuity program from scratch?
I would start with business impact analysis to identify critical functions and recovery priorities. Then, I'd develop recovery strategies, document runbooks, and test regularly. Collaboration with department heads is key to ensure buy-in and accuracy.
What experience do you have with regulatory licensing like MiCA or Money Transmitter Licenses?
I supported a prior company's money transmitter license application in multiple states, preparing regulatory responses and maintaining compliance calendars. I am familiar with MiCA requirements through research and training.
How do you prioritize and manage multiple compliance tasks in a fast-paced environment?
I use risk-based prioritization, focusing on high-impact regulatory deadlines and critical controls. I leverage project management tools and automation to track progress and communicate status to stakeholders regularly.
Describe a time you identified and remediated a significant control gap.
At a previous company, I discovered that access reviews were not being performed quarterly. I implemented a automated access recertification process using a GRC tool, reducing risk and ensuring compliance with SOC 2 requirements.

About Mesh

At Mesh, our mission is to enable consumers to pay and be paid with any asset. Today, trillions of dollars in tokenized assets exist but remain largely unusable for everyday commerce. Mesh is bridging this gap by making crypto payments reliable, useful, and ubiquitous. We combine a powerful orchestration engine with a seamless consumer app to unlock liquidity for the world. Backed by leading investors like PayPal Ventures, Paradigm, and Galaxy Ventures, we are building the infrastructure for the next era of the global economy. Join us!

Overview

We’re hiring a GRC Analyst to help build the compliance foundation powering the future of global crypto payments. At Mesh, we’re connecting hundreds of exchanges, wallets, and financial platforms into a single open network, and this role will be instrumental in ensuring we scale securely, responsibly, and with trust at the center of everything we do.

As we continue to grow, you’ll play a key role in shaping and maturing our GRC program across initiatives including SOC 2, MiCA licensing, and Money Transmitter Licenses throughout the U.S. This is a hands-on role with meaningful ownership—from managing day-to-day controls and strengthening core compliance processes to partnering closely with our Head of Security and GRC lead to navigate an increasingly complex regulatory landscape. We’re looking for someone who enjoys rolling up their sleeves, building programs that scale, and contributing to the infrastructure powering the next generation of global payments.

What You’ll Do

  • Own and strengthen our controls environment, ensuring compliance requirements are effectively implemented and maintained.
  • Support and mature our GRC program, including SOC 2 operations and alignment with broader security frameworks such as NIST.
  • Build and maintain our Business Continuity and Disaster Recovery program, including BIAs, continuity plans, and recovery runbooks.
  • Conduct vendor and third-party risk assessments as we expand our global network of partners.
  • Support MiCA licensing and U.S. Money Transmitter License applications through due diligence, regulatory responses, and compliance reporting.
  • Manage the security issue lifecycle, driving remediation efforts and partnering with teams to reduce risk.
  • Help standardize policies, controls, and compliance processes that can scale across jurisdictions and regulatory frameworks.

Who You Are

  • 3–5 years of hands-on GRC experience in an operating environment, with a track record of building and managing compliance programs—not just auditing them.
  • Deep familiarity with one or more major frameworks, such as SOC 2, NIST, PCI, MiCA, NYDFS, or CCPA.
  • Experience building or maturing Business Continuity and Disaster Recovery programs, with a strong understanding of how business impact assessments inform recovery strategies.
  • Comfortable supporting the full risk lifecycle, including risk assessments, control testing, issue management, and remediation.
  • A hands-on builder who enjoys improving processes, operationalizing controls, and turning requirements into scalable programs.
  • Regularly uses AI tools to increase efficiency and improve outcomes across areas such as policy development, process monitoring, or program management.
  • Experience in fintech, crypto, payments, or other regulated industries is a plus, as is familiarity with GRC platforms such as Vanta, Drata, or Archer. 

Why You’ll Love It Here

At Mesh, you’re not stepping into a typical role—you’re joining a rocket ship in mid-liftoff. You’ll tackle complex, meaningful problems that actually move an industry forward, working alongside a sharp, motivated team that moves quickly, collaborates deeply, and expects everyone to operate with ownership. This is the kind of place where you’ll see your work ship fast, make real impact, and be able to point to something and say, “I built that.” You’ll grow fast, level up your skills, and get a front-row seat to how a high-growth company scales from the inside, with competitive comp, solid benefits, and room to stretch your craft all coming standard. If you’re energized by building, learning, and shaping something big—this is where you’ll want to be.

In-Office Expectations

Employees based in our San Francisco, New York, and Bangalore hubs are expected to work from the office at least 40% of the time (approximately two days per week). This expectation may vary slightly depending on role, team, and business needs. Certain roles that require closer cross-functional collaboration or operational support may have additional in-office requirements, which will be discussed during the interview process. Our hybrid approach is designed to balance meaningful in-person collaboration, team building, and real-time decision-making with the flexibility to work remotely. We believe this structure supports strong execution while preserving autonomy and focus time.

How We Care For Our Team

We believe great work happens when people feel valued and supported. That starts with competitive salary and equity that grows as you and the company grow, plus comprehensive health coverage for you and your family. We offer unlimited PTO—and we mean it. Take the time you need to recharge and show up at your best.

We’re invested in your growth with a dedicated budget for courses, conferences, and certifications. Work from wherever you’re most productive with our remote-friendly approach, and count on having the top-tier tools and equipment you need to do exceptional work.

Mesh Pay is committed to equal employment opportunities regardless of race, color, genetic information, creed, religion, sex, sexual orientation, gender identity, lawful alien status, national origin, age, marital status, and non-job related physical or mental disability, or protected veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Apply now >

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and we’ll help you track your application.

For safety tips, see our guides, and please let us know if you need any assistance.

Log in to save
You're almost done!

Create a free account with us to save a history of all jobs you've shown interest in.

You can also continue as a guest if you prefer.

Share

See a few more

Similar Legal & Compliance remote jobs

More Jobs

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more ›
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more ›
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more ›
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

Jobicy+ Subscription

Jobicy

617 professionals pay to access exclusive and experimental features on Jobicy

Free

USD $0/month

For people just getting started

  • • Unlimited applies and searches
  • • Access on web and mobile apps
  • • Weekly job alerts and digest
  • • Access to additional tools like Bookmarks, Applications, and more

Plus

USD $8/month

Everything in Free, and:

  • • Ad-free experience
  • • Daily job alerts and digest
  • • Personal career consultant
  • • AI-powered job advice
Go to account ›