Security GRC - Senior Analyst

Engineering · London, London, City of
Department Engineering
Employment Type Full-Time

Security GRC - Senior Analyst


Location: London, UK 

Salary: Competitive


Security at FINBOURNE covers a wide variety of challenges and work – ranging from developing security control systems, risk management frameworks, securing the environment we work in, fostering a security conscious team culture, threat analysis, helping solve customer security challenges as well as using the latest tools and techniques to secure our platform and business. Modern security practices require constant vigilance and evolution to identify areas of potential threat, so we’re always looking for new ways to deploy our technology, people and processes to help FINBOURNE best protect our customers.

As a rapidly growing company with increasing numbers of customers, employees, and visibility it is vitally important that we scale our risk management and compliance capabilities to keep up with the company’s ambitions and customer expectations. The objective of this role is to help ensure that as a company we’re operating as we should be and that we can prove to our customers and auditors that we live our values and policies. Communication is a big part of the role, working with other teams, vendors, and auditors to understand and explain how we approach security challenges. We’re a technical company, so as we do of everyone, we’re looking to this role to help develop ways to automate and improve processes. You will be visible across the company, working closely with senior figures, so you will need to be comfortable talking about security to people from all levels of the business.


Key responsibilities: 

  • Reviewing, evolving and building security standards consistent with industry standards and best practices. Working with teams across the company to integrate them into the relevant key business processes and systems.
  • Implementing tools and processes to help automate and streamline all areas of GRC within the business.
  • Be the subject matter expert and provide advice on the design and implementation of key security systems and controls, delivering related communications, training and documentation.
  • Work with teams across the company to ensure their compliance requirements are understood and help them operate their teams and systems in line with policy requirements.
  • Work with the company's Internal Control Group and External Auditors to help coordinate audits and provide expert insight on our controls, systems and processes.
  • Support third-party assessments including due diligence, compliance questionnaires, vendor assurance, and RFPs.
  • Help us continue to develop and improve our security incident response and management processes.
  • Evaluate our existing control effectiveness and provide recommendations. Monitor and report on compliance gaps.


What skills, experience, and qualifications we require: 

  • A strong technical understanding of Cloud technologies, architectures, and associated risks.
  • Practical and technical GRC experience with knowledge of key control areas such as security, cloud and, information technology resilience.
  • Ability to identify, analyse and propose mitigating actions for GRC risks in cloud-native environments
  • Experience in policy and procedure creation, security training and third-party management.
  • Ability to explain technical concepts clearly to a range of audiences and in the context of business requirements.
  • Have a working knowledge and experience of security, industry, and compliance frameworks such as SOC2, NIST and ISO.
  • Strong stakeholder engagement skills
  • Excellent written and verbal communication and presentation skills.
  • Detail-oriented and delivery-focused and able to manage multiple work streams simultaneously.
  • Experience using SQL to query data sets and power reports
  • Ideally, CISA, CISM, CISM, CRISC, CISSP, or equivalent certification or experience
  • Some development experience is always welcome (ideally C# or Java) to help guide or participate in systems and process automation.

 

About FINBOURNE

We are a young, dynamic financial technology company aiming to re-engineer the world of investing to make it clearer, faster and more cost effective for everyone.

 

We are looking for our future architects, engineers and ultimately leaders to join us on this journey.

 

At FINBOURNE, we offer a hugely supportive environment to build a career, with continuous learning and development opportunities. We have a collaborative culture of testing and exploring problems together to find the best evidence-based solutions. We respect your independent thought, your intellectual curiosity and your opinion.

 

Our solution is open, API first and developer friendly – a true first for the asset management industry.  You can see what our team is busy building – we’ve published our Software Development Kits in five languages on Github: (C#, Java, Javascript, Python, Angular).

 

FINBOURNE Technology is a Skilled Worker sponsor and we can support candidates requiring work permission if appropriate.  

For more information about our culture, career development and the benefits we offer our employees, please visit our website.


  

 

Thank You

Your application was submitted successfully.

  • Location
    London, London, City of
  • Department
    Engineering
  • Employment Type
    Full-Time