Security Compliance Analyst (Fintech)

TL;DR

Security Compliance Analyst (GRC/Fintech): Managing security compliance frameworks and responding to client due diligence for a financial services SaaS platform with an accent on ISO 27001 and SOC2 alignment. Focus on conducting internal audits, implementing security controls, and automating compliance activities using EDR and SIEM tools.

Location: Hybrid in York, England. Must be authorized to work in the UK (no sponsorship provided).

Company

hirify.global is a leading provider of compliance SaaS and consulting services for the global financial services sector.

What you will do

• Respond to due diligence questionnaires from clients, partners, and regulatory bodies.
• Review and update security policies to ensure alignment with ISO 27001 and SOC2 controls.
• Develop and implement new security policies, procedures, and supporting artifacts.
• Perform internal and external audits, including access reviews and firewall audits.
• Utilize EDR and SIEM tools to automate compliance activities.
• Provide security awareness training and phishing exercises for staff.

Requirements

• Bachelor's degree in Information Security, Computer Science, or a related field.
• 3-5 years of experience in security compliance, GRC, or information security.
• Strong knowledge of ISO 27001, SOC2, and NIST standards.
• Must be authorized to work in the United Kingdom.
• Relevant certification such as CISA, CASP+, CISM, or ISO 27001 Lead Auditor.
• Proficiency with Jira, Confluence, and SharePoint.

Culture & Benefits

• Equal Opportunity Employer.
• Access to a wide range of employee perks.
• Collaboration within a global team serving over 5,000 clients.