Information Security Specialist

Poland

Applications have closed

At Silent Eight, we develop our own AI-based products to combat financial crimes that enable things like money laundering, the financing of terrorism, and systemic corruption. We’re a leading RegTech firm working with large international financial institutions such as Standard Chartered Bank and HSBC. Join us and help make the world a safer place! 

Summary:

This position plays a crucial role in developing and maintaining strategic information security plans and risk management across the organisation. As a member of the GRC (Governance, Risk, Compliance) team, you will work with key stakeholders across the business, including C-suite, department representatives and our customers and suppliers. This is not a behind-the-scenes role; we are looking for someone who will help lead the implementation of an information security program and have a significant impact on setting the security strategy across the business. 

 

Responsibilities:

  • Contribute to the development of security assessments and training programs to improve risk culture (e.g. third-party security risk assessments, service/cloud assessments, security awareness and end-user training)
  • Work towards minimising Shadow IT by measuring and evaluating user adoption of global information protection measures, and by ensuring that any new requirements for such measures are met through collaboration with relevant functions and business units
  • Plan, develop and maintain an ISMS (Information Security Management System)
  • Work towards and guarantee continued compliance with ISO 27001 standards
  • Support our legal and sales teams in responding to information security requests from prospective customers and information security aspects during contract negotiations
  • Monitor the threat landscape, key risk indicators and critical controls to ensure that changes in the risk picture are captured and reported in a timely manner
  • Provide risk metrics and performance data to support the central reporting of overall cyber risk posture
  • Support the development of an information asset inventory and a vulnerability management program to ensure that assets and related threats are identified and remediated
  • Write and assist in the review and approval of security-related documentation and support execution/follow-up of IT audits
  • Collaborate with the IT team on the DLP rule development lifecycle, including policy development, response rules, and maintenance

Required Qualifications:

  • Minimum 3 years of security-related work experience
  • Experience in technology risk management with practical knowledge in designing, implementing, and testing controls in an international, fast-paced organisation
  • In-depth familiarity with the ISO 27001:2013 and SOC 2 standards
  • Ability to maintain an Information Security Management System and oversee Security Awareness Programs
  • Experience in conducting on-site audits and managing the entire lifecycle for risk treatment and corrective action plans
  • Excellent English verbal and written communication skills 
  • Proactive, independent, and pragmatic team player with a high level of commitment and performance orientation

Preferred Qualifications:

  • Formal information security certifications or qualifications (e.g. BSc or MSc in Information Security, CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor)
  • Knowledge of international compliance laws, rules, regulations, and risks
  • Understanding of cloud-native and CI/CD environments, along with the corresponding IAM and DLP solutions
  • Experience managing multiple objectives, schedules, and deliverables

 

Salary:

Gross/Month B2B
11 000 – 16 000
Depending on experience

Our culture

You will be co-creating our business solutions

We believe that your feedback allows us to create the best solutions as well as an adjusted work culture. You will have a real impact on the growth of the company and the product we develop.

Experienced team

We aren’t your run-of-the-mill tech start-up. At Silent Eight, everyone is a leader in their own field with perspective and experience shared across teams and departments.

Development-centric

Because learning never ends, we empower our employees to invest in themselves. We provide a range of resources such as paid Development Days, in-house training, lunch-and-learns, etc. to make sure our employees are continuing to grow each day.  

Team building events

We know that our success is only possible if we work together as a team. We are a group of passionate individuals united by a common mission. Therefore we like to meet together regularly to connect not just as coworkers, but as human beings, whether it’s at an offsite in Dubai or a weekly “Tea Time” to catch up. 

100% remote work forever

We are not new to working remotely. In fact, we’ve been doing it since 2013 and we know how to make you feel supported, connected, and included. We believe that the freedom to choose where you work from is important to finding the journey that is right for you.

Don’t wait! Join our team today! 

Silent Eight is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or other classification protected by applicable federal, state or local law.

