
Capital.com · Warsaw
IT Assurance & Compliance sits at the intersection of technology, regulation, and business — translating regulatory obligations into controls that work in a fas...
IT Assurance & Compliance sits at the intersection of technology, regulation, and business — translating regulatory obligations into controls that work in a fast-moving fintech environment. This role owns IT audit readiness, gap assessments, and day-to-day IT Assurance & Compliance work.
CUBE are a global RegTech business defining and implementing the gold standard of regulatory intelligence for the financial services industry. We deliver our services through intuitive SaaS solutions, powered by AI, to simplify the complex and everchanging world of compliance for our clients. Why us? 🌍 CUBE is a globally recognized brand at the forefront of Regulatory Technology. Our industry-leading SaaS solutions are trusted by the world’s top financial institutions globally. 🚀 In 2024, we achieved over 50% growth, both organically and through two strategic acquisitions. We’re a fast-paced, high-performing team that thrives on pushing boundaries—continuously evolving our products, services, and operations. At CUBE, we don’t just keep up we stay ahead. 🌱 We believe our future is built by bold, ambitious individuals who are driven to make a real difference. Our “make it happen” culture empowers you to take ownership of your career and accelerate your personal and professional development from day one. 🌐 With over 700 CUBERs across 19 countries spanning EMEA, the Americas, and APAC, we operate as one team with a shared mission to transform regulatory compliance. Diversity, collaboration, and purpose are the heartbeat of our success. 💡 We were among the first to harness the power of AI in regulatory intelligence, and we continue to lead with our cutting-edge technology. At CUBE, You will work alongside some of the brightest minds in AI research and engineering in developing impactful solutions that are reshaping the world of regulatory compliance. Purpose Provide senior analyst support across technology governance, risk, and compliance by keeping GRC data, workflows, actions, and reporting current and reliable. This role helps the organisation maintain audit readiness, strengthen accountability for risk actions, and provide clear visibility of compliance status, control health, and remediation progress. Key Responsibilities • Maintain GRC portals, including risk registers, control records, evidence libraries, issue logs, policy links, assessment workflows, dashboards, and reporting views. • Ensure GRC portal dat a is complete, accurate, consistently classified, and aligned to agreed standards for risk, control, issue, and evidence management. • Coordinate portal updates, access reviews, workflow changes, template improvements, and reporting enhancements with technology, security, and business stakeholders. • Perform regular data quality checks across GRC records and follow up with owners to correct missing, outdated, or inconsistent information. • Own and manage the risk action calendar, covering risk assessments, control reviews, evidence refresh cycles, policy reviews, audit milestones, remediation deadlines, governance forums, and leadership reporting. • Track action owners, due dates, dependencies, and completion status for risk and compliance activity. • Proactively follow up on upcoming, overdue, or blocked actions, escalating material risks, delays, and dependencies through the appropriate governance channels. • Use the calendar to support forward planning, workload visibility, and timely completion of recurring GRC obligations. • Support technology risk assessments, control reviews, compliance checks, and issue management activity across security, technology, and business teams. • Maintain and update risk registers, control mappings, compliance evidence, remediation plans, and exception records. • Support the interpretation of policy, regulatory, contractual, and audit requirements into practical actions for control and risk owners. • Monitor remediation progress and help ensure risk treatment plans are realistic, tracked, evidenced, and closed appropriately. • Prepare risk and compliance status reports, dashboards, metrics, and packs for governance forums and leadership review. • Coordinate evidence collection for internal audits, external audits, customer assurance requests, and compliance reviews. • Validate that evidence is current, complete, clearly labelled, and mapped to the relevant controls or obligations. • Support audit walkthroughs, control owner preparation, finding tracking, and post-audit remediation follow-up. • Maintain reusable evidence and control documentation to reduce repeated requests and improve audit readiness. • Partner with security, technology, legal, procurement, internal audit, and business teams to drive clear ownership of GRC actions. • Provide guidance to control and risk owners on GRC processes, portal usage, evidence expectations, and action tracking. • Identify opportunities to improve GRC workflows, portal usability, reporting, data quality, and stakeholder accountability. • Contribute to the maintenance of GRC procedures, guidance materials, and operating rhythms. • Provide support with the compliance inbox. Skills & Competencies • Strong experience in governance, risk, and compliance operations within a technology, cybersecurity, audit, or regulated environment. • Practical experience maintaining GRC tools or portals, including risks, controls, issues, evidence, workflows, dashboards, and reporting. • Strong planning and coordination skills, with the ability to manage calendars, action trackers, recurring obligations, and cross-functional follow-ups. • Good working knowledge of technology risk management, control frameworks, audit evidence, compliance reporting, and remediation tracking. • Ability to interpret risk and compliance requirements and translate them into clear actions for stakeholders. • Strong attention to detail and commitment to accurate, well-governed records. • Confident communication skills, including the ability to follow up, challenge constructively, and escalate when required. • Comfortable working with senior stakeholders, control owners, auditors, and technical teams. • Strong written documentation skills and the ability to produce clear status reports, dashboards, and governance packs. • Familiarity with frameworks and obligations such as ISO 27001, NIST, SOC 2, SOX, PCI DSS, GDPR, COBIT, or DORA. • Experience with GRC platforms such as Vanta, ServiceNow GRC, Archer, OneTrust, LogicGate, AuditBoard, Jira-based risk workflows, or equivalent tooling. • Experience supporting third-party risk, policy management, control testing, or regulatory compliance programmes. • Relevant certification such as CISA, CRISC, CISM, CISSP, ISO 27001, or equivalent professional experience. Interested? If you are passionate about leveraging technology to transform regulatory compliance and meet the qualifications outlined above, we invite you to apply. Please submit your resume detailing your relevant experience and interest in CUBE. CUBE is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Multiverse is the upskilling platform for AI and Tech adoption. We have partnered with 1,500+ companies to deliver a new kind of learning that's transforming today’s workforce. Our upskilling apprenticeships are designed for people of any age and career stage to build critical AI, data, and tech skills. Our learners have driven $2bn+ ROI for their employers, using the skills they’ve learned to improve productivity and measurable performance. In April 2026, we announced $70 million in strategic funding, led by Schroders Capital, with participation from StepStone Group, Lightspeed Venture Partners and General Catalyst. At an increased valuation of $2.1bn, the round makes us Europe’s first EdTech double unicorn. But we aren’t stopping there. With a strong operational footprint and 800+ employees, we have ambitious plans to continue scaling. We’re building a world where tech skills unlock people’s potential and output. Join Multiverse and power our mission to equip the workforce to win in the AI era. ABOUT MULTIVERSE Multiverse is the upskilling platform for AI and tech adoption. We partner with 1,500+ companies to deliver a new kind of learning that is transforming today's workforce. Our upskilling apprenticeships are designed for people of any age and career stage to build critical AI, data, and tech skills. Our learners have driven $2bn+ ROI for their employers — and we are just getting started. In 2022, Multiverse was granted New Degree Awarding Powers (New DAPs) by the Office for Students (OfS), making it one of a small number of providers outside the traditional university sector to hold these powers. We are now preparing for our Full DAPs end assessment — the process by which those powers are confirmed, strengthened, and placed on a permanent footing. ROLE PURPOSE This is a high-stakes, high-visibility fixed-term role at the heart of one of Multiverse's most important regulatory processes. The Full DAPs end assessment, with a submission deadline of 26 October 2026 and a site visit in early 2027, will determine whether Multiverse retains its ability to independently award degrees beyond December 2027. As Project Lead for the Full DAPs end assessment, you will own the day-to-day delivery of the submission: auditing our current evidence base, coordinating contributions from teams across the business, and drafting the self-assessment narrative that will be reviewed by three external assessors and the OfS's Quality Assessment Committee. This is not a desk-based writing role. It requires someone who can navigate a complex organisation, hold senior stakeholders accountable, and translate regulatory language into clear internal tasks — while producing a self-assessment document that is honest, rigorous, and compelling. You will work closely with the Senior Manager, Instructional Delivery, Head of Regulatory Affairs, and our retained specialist consultancy, with regular visibility to senior leadership. KEY RESPONSIBILITIES EVIDENCE AUDIT AND GAP ANALYSIS * Conduct a structured audit of Multiverse's current evidence base against each Full DAPs criterion (A–E), identifying gaps, weaknesses, and areas requiring corrective action * Map existing documentation — policies, committee minutes, programme records, staff development frameworks — to the relevant evidence requirements * Produce a clear gap analysis that drives the work plan for the submission, with particular attention to the corrective actions identified in the Year 1 monitoring assessment. STAKEHOLDER COORDINATION AND EVIDENCE GATHERING * Act as the central coordinator for cross-functional evidence contributions, managing and chasing stakeholders across Learning, Certification Operations, Governance, Student Engagement, and Enablement * Build and maintain a shared project tracker that gives all contributors clarity on what is needed, from whom, and by when * Work with the Enablement team to develop and document pathways for instructor engagement with the wider HE sector — including external examiner opportunities, HE partnerships, and scholarship activity — to address criterion C1 (staff scholarship and pedagogical effectiveness) * Facilitate the gathering of student voice evidence in a form that satisfies criterion A1 and D1, working with the student engagement function * Escalate blockers clearly and early to Harriet Lowe, with a proposed solution SELF-ASSESSMENT DRAFTING * Draft the self-assessment submission in the PEE structure (Policy, Explain, Evidence) for each criterion, translating Multiverse's operational reality into the OfS regulatory register * Ensure the document demonstrates honest self-criticality — a key differentiator in OfS assessments — while presenting Multiverse's progress in the strongest credible terms * Incorporate feedback from Harriet Lowe, Shenay Cantelo-Poppe and Mesma through iterative review cycles * Manage the evidence spreadsheet alongside the narrative, ensuring every claim is mapped to a specific piece of supporting documentation PROJECT MANAGEMENT * Own the project plan from June 2026 through to submission on 26 October 2026, with responsibility for on-time delivery * Prepare regular progress updates for Harriet Lowe and, where required, for senior leadership * Support site visit preparation (estimated January–February 2027) if the contract is extended, including briefing documents for staff who will meet the assessment team. WHAT YOU'LL BRING ESSENTIAL * Experience working in or alongside a higher education quality assurance or regulatory compliance function — you understand how OfS criteria translate into operational evidence * Exceptional stakeholder management skills: you can hold people accountable to deadlines without direct authority, and know how to move things without burning relationships * Strong written communication — you can produce clear, well-structured regulatory narrative and are comfortable working in a formal register * Project management rigour: you are comfortable owning a complex workplan with multiple workstreams, dependencies and a hard deadline * Ability to read and interpret dense regulatory guidance and distil it into clear, actionable asks for internal teams DESIRABLE * Direct experience with regulatory processes, e.g DAPs assessments or OfS self-assessment submissions * Familiarity with the education sector, apprenticeship or workforce learning sector * Experience drafting or contributing to a formal quality self-assessment document (e.g. for OfS, Ofsted, QAA, or similar body) * Understanding of the FHEQ and threshold academic standards WHY THIS ROLE MATTERS The Full DAPs end assessment is not an administrative exercise. Passing it confirms Multiverse's status as an independent degree-awarding body and protects our ability to award degrees to the thousands of apprentices on our programmes. The self-assessment document you produce will be reviewed by three external assessors, considered by the OfS's Quality Assessment Committee, and published. The Year 1 monitoring assessment identified corrective actions across four of the five criteria. This submission must demonstrate that those have been resolved — in practice, not just on paper. The person in this role will be central to making that case. This is a rare opportunity to lead a high-stakes regulatory process at a fast-moving, mission-driven organisation, with direct access to senior leadership and genuine ownership of a critical outcome. Benefits * Time off - 27 days holiday, plus 5 additional days off: 1 life event day, 2 volunteer days, 2 company-wide wellbeing days (M-Powered Weekend) and 8 bank holidays per year * Health & Wellness- private medical Insurance with Bupa, a medical cashback scheme, life insurance, gym membership & wellness resources through Wellhub and access to Spill - all in one mental health support * Hybrid work offering - for most roles we collaborate in the office three days per week with the exception of Coaches and Instructors who collaborate in the office once a month * Work-from-anywhere scheme - you'll have the opportunity to work from anywhere, up to 10 days per year * Space to connect: Beyond the desk, we make time for weekly catch-ups, seasonal celebrations, and have a kitchen that’s always stocked! Our Commitment to Diversity, Equity and Inclusion We’re an equal opportunities employer. And proud of it. Every applicant and employee is afforded the same opportunities regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. This will never change. Read our Equality, Diversity & Inclusion policy here. Our Commitment to Safeguarding Multiverse is committed to safeguarding and promoting the welfare of our learners. We expect all employees to share this commitment and adhere to our Safeguarding Policy, our Prevent Policy and all other Multiverse company policies. Successful applicants will be required to undertake at least a Basic check via the Disclosure Barring Service (DBS). For roles that will involve a Regulated Activity, successful applicants must also undergo an Enhanced DBS check, including a Children’s Barred List check and a Prohibition Order check. Roles involving Regulated Activity may interact with vulnerable groups, therefore are exempt from the Rehabilitation of Offenders Act 1974 meaning applicants are required to declare any convictions, cautions, reprimands, and final warnings. Providing false information is an offence and could result in the application being rejected or summary dismissal if the applicant has been selected, and possible referral to the police and the DBS.
WHO ARE WE? iBanFirst is a fast-growing European fintech that is revolutionizing international payments for SMEs. Founded in 2016, our platform empowers Small & Medium Multinationals (SMMs) to regain control over their payment operations: currency conversion (FX), international transactions, and foreign exchange risk management across 140 countries — quickly, transparently, and securely. We make life easier for SMEs through an advanced technology platform (automation, APIs, AI…) combined with dedicated expertise, offering the best of both worlds: the agility of a SaaS solution and the reliability of a trusted partner. By simplifying complexity, iBanFirst helps thousands of bold companies seize global business opportunities with peace of mind — delivering simplicity, transparency, and security. KEY FIGURES * 350+ employees across 15 offices in 12 European countries * 30+ nationalities represented, average age: 32 * 10,000 corporate clients trust us * €80M in revenue in 2025, with a target of around €100M in 2026 * Profitable for more than two years * Ranked for 6 consecutive years in the Financial Times FT1000, among the fastest-growing European companies * An NPS of 87.5 — an exceptional score in our industry that reflects enthusiastic client feedback on the simplicity, speed, and quality of our service A STRONG CULTURE BUILT AROUND 4 CORE VALUES * Team First : The complexity of our industry demands collective intelligence. We prioritize cooperation, transparency, and knowledge sharing. Success is a team effort, and decisions are made together. * Tenacity : We’re transforming a challenging and highly regulated market. It requires endurance, fast learning, and resilience — qualities rooted in our entrepreneurial DNA. * Transformation : Innovation is not a buzzword; it’s a necessity in a constantly shifting and strategic sector. We innovate with intent: every technical, product, or organizational improvement is designed for real impact. * Trust : Trust is the foundation of everything we build — with our clients and, above all, internally. It’s driven by ownership, autonomy, and a shared commitment to transparency, rigor, and reliability. WHY JOIN US? * We operate at the heart of a strategic and fast-evolving sector: international payments for SMEs — a complex, high-potential market. * We’re driven by a meaningful mission: helping bold “Small & Medium Multinationals” succeed globally. * Our platform integrates cutting-edge technologies (AI, automation…), making it an ideal playground to test, learn, and innovate continuously. * You’ll join an agile environment where your expertise has tangible impact, working alongside talent from top financial institutions. * iBanFirst is profitable and backed by long-term investors: * Xavier Niel and Bpifrance, historical shareholders, have supported and trusted us from the beginning * In 2021, the entry of Marlin Equity Partners marked a new chapter in our international ambitions Joining iBanFirst means joining a profitable, international, fast-growing tech company. It’s also a chance to learn, grow, and contribute directly to a shared ambition: simplifying international finance for SMEs. THE ROLE RECRUITMENT CONTEXT This is a newly created position driven by iBanFirst's continued growth and the increasing complexity of our financial crime risk environment. As transaction volumes scale across new markets and products, we need a dedicated manager to lead our first line of defense teams on Financial Crime (Transaction Monitoring, Fraud detection, Regulatory Ops) and structure the quality and operational controls that underpin them. We are open to candidates coming from various backgrounds (management/strategy consulting, operations/compliance professionals) who are looking to step into a thigh impact operational role. The financial crime domain can be learned — we are hiring for how you think, how you build, how you leverage technology (analytics, AI) and how you lead. MANAGER & TEAM You will report directly to Julien Molez, Chief Operations Officer. You will manage three teams which are at different levels of maturity:a team of 5 people: a Transaction Monitoring Fraud management and Regulatory Operations. Your team is the first line of defense against money laundering, fraud, and financial crime — operating at the intersection of operational rigor, regulatory compliance, and technology. WHAT WILL YOU DO? As iBanFirst expands across European markets, the financial crime risk landscape grows in complexity. We are looking for an analytically sharp, structured, and operationally driven leader to supervise our TM Financial Crime Operations function, steer it with rigor and precision, embed it in a robust and recognized quality framework, and drive highest level of efficiency through data and automation. Team Management & Operations * Lead and develop the different teams in the scope: set priorities, manage performance, and build a culture of accountability and continuous improvement. * Oversee their daily operations: alert review, case investigation, SAR filing, and escalation processes. * Manage capacity and workload allocation to maintain SLAs and maintain backlogs at constant low levels. Fraud & Financial Crime * Own the fraud detection and prevention framework: typologies, detection rules, investigation workflows, and outcomes tracking * Stay current on financial crime trends and adapt the team's detection approach accordingly Controls & Quality Framework * Design and implement a quality insurance framework for each team, specific to each of them but consistent across domains. * Define and track KPIs: detection rates, false positive ratios, case resolution times, SAR quality. * Conduct regular calibration sessions and quality reviews to maintain consistent, high standards across the teams. Analytics & Automation * Use data to assess the performance of each value chains. For example, on the transaction monitoring side : rules effectiveness, reduce noise, and improve alert prioritization * Work with Product and Engineering teams to constantly improve underlying systems and integrate automation into workflows * Identify opportunities to leverage AI and machine learning to enhance detection and reduce manual effort Regulatory & Reporting * Ensure compliance with Belgian and EU AML/CFT obligations (LCB-FT, EU AML directives) * Produce clear, insight-driven reporting for senior leadership: what the data says, what it means, and what action it warrants * Lead or support regulatory audits and inspections related to TM and fraud * Be the key go-to person for C-Levels for these topics and lead the associated governance meetings. TASK BREAKDOWN 40% — Team management & operational oversight: Day-to-day leadership of the different teams, alert review quality, escalation management, and capacity planning 20% — Framework building: Quality controls, KPIs, fraud typologies, policies and procedures 30% — Analytics & automation: Rule performance analysis, detection improvement, collaboration with Product/Engineering 10% — Reporting & regulatory: Senior management reporting, audit support ROLE OBJECTIVES First 3 months * Ramp up on iBanFirst's transaction monitoring systems, financial crime risk exposure, and regulatory environment * Build trust with the team and assess individual strengths and development needs * Map existing processes and identify the top 3 priority areas for improvement First 6 months * Deliver the first version of the quality assurance framework * Define and baseline key operational KPIs * Launch at least one automation or efficiency initiative First 12 months * Own the fraud framework end-to-end and present it to senior leadership * Demonstrate measurable improvement in alert quality, team efficiency, or detection rates * Build a 12-month roadmap for the function aligned with iBanFirst's growth plans WHAT DO YOU BRING? EXPERIENCE: * 5-10 years of experience in similar positions at recognized financial institutions or in management consulting, strategy consulting, or a similar structured analytical environment (Big 4, MBB, Tier 2 strategy firms) * Experience in financial services, fintech, or a regulated industry project context is a strong plus * First exposure to compliance, risk, or financial crime topics (through client work, due diligence, or regulatory projects) is valued SKILLS: * Natural leadership and recognized management experience * Exceptional structuring and problem-solving skills: you break complex issues into clear frameworks and actionable plans * Strong data and analytics capabilities: comfortable with quantitative analysis, building dashboards, and deriving insights from operational data * Proven ability to design processes and quality frameworks from scratch * Natural project management instincts: you sequence work, track delivery, and hold people accountable * High proficiency on AI and automation concepts and enthusiasm to apply them in an operational context * Fluent in French and English, confident communicating with senior stakeholders NICE TO HAVE: * Hands-on experience with a transaction monitoring platform (ComplyAdvantage, Actimize, Napier, or equivalent) * Familiarity with the French or Belgian regulatory environment: NBB, CTIF, ACPR, Tracfin, LCB-FT WHAT MAKES YOU STAND OUT: * You have led a transformation or process redesign project end-to-end * You are energized by the idea of owning something operational, not just advising on it and transforming and optimizing it with technology * You are curious about financial crime and see it as a high-stakes, intellectually demanding domain WHAT DO WE OFFER? * Permanent contract (CDI) * Office location: Paris * Hybrid work policy: 2 days remote per week * Competitive salary: €75,000 – €110,000 gross annual, depending on experience * Benefits: * Swile meal card * Axa health insurance * Commuter benefits * RTT (extra paid days off) * Gymlib subsciption * Paid parental leave * Participate in company-wide events, including team offsites, company parties, and regular social activities. RECRUITMENT PROCESS 1. Screening call with Malorie Petitjean (Talent Acquisition Specialist)— 30 min, remote. General fit, motivation, salary expectations, availability. 2. In-depth interview with Julien Molez (COO)— 1 hour, in-person. Operational experience, leadership approach, team fit. 3. Case study— Take-home exercise on an operational design or process improvement scenario. Presented during complementary 1h session with COO. 4. Final interview with Sonia Boudier (Deputy CEO) — 45 min, in-person. Leadership validation, strategic vision, long-term fit. ____________________________ #LI-MP1 #LI-onsite / #LI-hybrid / #LI-remote