
GRC Specialist
- On-site
- Tehran, Tehrān, Iran, Islamic Republic of
- Tech
Job description
Our Journey So Far
At Snapp, we’re redefining how cities move. Our ride-hailing and mobility platform connects millions of riders and drivers every day, delivering safe, reliable, and efficient transport solutions. Powered by real-time data and robust infrastructure, we make urban travel faster, simpler, and more sustainable.
We operate with the mindset of a global tech leader and the agility of a startup, building services that scale across markets while staying responsive to local needs.

Your Impact
We are seeking a driven and detail-oriented professional to lead audits of access management processes for Snapp Cab and other ventures, ensuring secure onboarding and offboarding practices. Beyond access audits, the role will be critical in developing and implementing comprehensive Governance, Risk, and Compliance (GRC) frameworks across our operations.
You will conduct risk assessments, monitor regulatory and internal compliance, and collaborate cross-functionally with legal, security, and engineering teams to align operations with legal, industry, and internal standards. You will also develop governance policies, conduct security awareness programs, manage corrective action plans, investigate compliance breaches, and drive continuous improvements.
This is a high-impact role where your work will directly strengthen our cybersecurity posture and operational resilience.
What You’ll Drive Forward
- Design, implement, and maintain cybersecurity governance frameworks, policies, and procedures aligned with industry and international standards.
- Conduct cybersecurity risk assessments, threat modeling, and vulnerability analyses; prioritize mitigation actions against high-risk threats, including data breaches and third-party risks.
- Plan and execute internal and third-party security audits.
- Advise business and technical stakeholders on security-by-design principles, regulatory requirements, and risk implications.
- Collaborate with incident response teams during security incidents and ensure compliance with legal and regulatory reporting obligations.
- Generate executive-level reports summarizing security posture, emerging risks, compliance status, and improvement initiatives.
What Powers Your Drive
- Bachelor's degree or higher in Cybersecurity, Computer Science, Information Technology, or a related field.
- Minimum 5 years of experience in Governance, Risk, and Compliance (GRC), risk management, or security compliance roles.
- Strong expertise in regulatory requirements and frameworks such as NIST CSF, ISO 27001, Cyber-police requirements, and industry audit standards.
- In-depth understanding and hands-on experience with leading security frameworks, including NIST Cybersecurity Framework, ISO 27001, GDPR, and CIS Controls.
- Relevant certifications (CISA, CISM, ISO 27001 Lead Implementer) are highly preferred.
- Strong problem-solving skills, attention to detail, and ability to manage multiple initiatives simultaneously.
- Excellent verbal and written communication skills, capable of influencing both technical and non-technical stakeholders.
- Experience creating dashboards and visual reports using Power BI or similar business intelligence tools.
- Ability to write SQL queries for auditing, reporting, and investigation purposes.
- Experience working with SIEM platforms (e.g., Splunk, ELK, or similar) for event monitoring, log analysis, and compliance reporting.
Ready to Get on Board?
Help us shape the future of ride-hailing and urban mobility. Submit your CV and let’s build smarter cities together.