Head of Information Security

London, England, United Kingdom

Applications have closed

Kroo


What We’re All About at Kroo

We’re creating the world’s most social bank and improving people’s relationship with money for good. Our mission is to remove the stress and social awkwardness that money creates, allowing people to freely enjoy their lives in a connected and meaningful way. We’re building a bank that’s better for customers, their friends, and the planet.

Here at Kroo, doing what is right is in our DNA. We act with integrity, transparency and honesty. We think big, dream big, and relentlessly pursue our goals. We like to be bold, break new ground, and we never stop learning. But most importantly, we are on this journey together.

How You’ll Contribute

You’ll report into the CTO and will own, manage and develop information security practices and maturity across the IT function. Your primary areas of accountability will include:

  • Provide leadership, vision, and direction to the 1st line Security team in collaboration with IT, Platform and Engineering
  • Develop best practices and security standards across the IT and Operations functions
  • Help teams ensure products and services are secure by design, within the risk appetite, and meet compliance requirements, group standards and policies
  • Work with Engineering and Platform teams to automate processes as required
  • Ensure 1st line security controls are aligned with business objectives
  • Facilitate periodic security testing activities (e.g. penetration testing, DR exercises) and prioritise and manage response activities
  • Define and execute the Security Operations strategy for the bank
  • Work with relevant stakeholders to improve Detection & Response capabilities leveraging existing and new technologies
  • Gather and grow threat intelligence and manage our security exposure
  • Attract and retain high-performing security talent

Requirements

To be successful in this role you should have skills and experience in multiple domains, such as application security, network security or security operations, and provide security thought leadership and mentorship to the rest of the organisation. You need to have experience in building and leading a team to ensure an appropriate level of security for the bank’s IT systems and resilience.

At a minimum, you have at least 5 years of experience in system, network or application security.

You should also have proven experience with and knowledge of any combination of the following:

  • Implementation of an IT security strategy
  • Building and growing a security team aligned with business needs
  • Implementation of a threat intelligence and hunting programme
  • Implementation and improvement of SIEM/MDR solutions
  • Knowledge of Docker or Kubernetes and infrastructure as code
  • Knowledge of agile environments and CI/CD tools (Git, Concourse, Terraform)
  • Knowledge of cloud security architecture of public clouds (such as AWS or GCP)
  • Offensive security: understanding of offensive security tactics, techniques and procedures
  • ITIL knowledge applied to operations and security
  • Experience of working in a regulated company, preferably with a FinTech/banking background
  • Knowledge and experience of key legal and regulatory compliance, e.g. GDPR, SWIFT CSP, PCI DSS
  • Excellent oral, written communication and presentation skills

About Our Process

We can be flexible with the structure of our interview process if someone's circumstances or timescales require it, but our general structure is:

  • 15–20 minute People Screen
  • 45-minute Hangout Interview with our CTO and CISO
  • 30 minutes with another member of our Executive Team

Please let us know if you have any specific requirements or need assistance so we can be as accommodating as possible for you.

Benefits

We're constantly evaluating and adding benefits to best support our employees' wellbeing and to help them thrive in and outside of work. The following benefits are what we currently offer:

  • 35 total days holiday (25 annual leave, 8 bank holidays, 1 Kroo bank holiday [June 24th], and 1 day off during the week of your birthday)
  • 3 personal health days
  • An employer-sponsored volunteer programme (up to 4 hours per month supported by our partner Matchable)
  • Access to Spill, our mental health support partner
  • A workplace pension, with 5% employee contribution and a 3% employer top off
  • After 1 year of service, access to £500 from the Kroo Learning Fund for career-related L&D
  • All equipment you need to work remotely effectively, with a MacBook Pro as standard
  • Access to our modern, bustling office in Holborn, Central London, which includes a full gym
  • Access to our Cycle to Work scheme
  • Access to our Electric Car scheme
  • An enhanced parental leave policy
  • Room to grow and excel within a fast-paced, high-growth start-up

Office/remote working

Currently, the majority of Kroo is working fully remotely. Working remotely has changed many of our lives for the better and we are behind continuing the benefits of flexibility once restrictions are lifted. At the same time, we have a beautiful office in Holborn, which, when used for the right things, can be a useful and powerful tool. Currently we see a blended model of working 1-2 days a week in the office, so candidates that are able to travel in occasionally are the best fit for our current working practices.


Diversity

We are firmly committed to creating and maintaining a diverse and inclusive workplace in which all employees are valued, respected, safe, supported, and listened to without judgement or prejudice. These principles apply to all, regardless of race or ethnicity, age, gender, gender identity or expression, national origin, sexual orientation, mental or physical ability, religion, appearance, political beliefs, educational background, class, and position or tenure within the company. Diversity, Equity, and Inclusion are central to the direction we take at Kroo, and are considered across all aspects of our business.


Tags: Agile Application security AWS Banking CI/CD Cloud Compliance Docker FinTech GCP GDPR ITIL Kubernetes Network security Offensive security PCI DSS Pentesting Security strategy SIEM Strategy Terraform Threat intelligence

Perks/benefits: Career development Equity Flex hours Flex vacation Gear Health care Parental leave Startup environment Team events Transparency

Regions: Remote/Anywhere Europe
Country: United Kingdom
Category: Leadership Jobs
