Senior Cyber Security Risk Analyst

About the team:

The Security Governance team forms part of the bigger Information Security team at Luno. The Security Governance team is responsible for overseeing all governance aspects of information security with the company. This includes maintaining Luno’s certification to industry standards such as ISO 27001, assessing compliance with relevant cyber security laws and regulations, information security risk management, reporting to management on information security issues and ensuring compliance to Luno’s information security policies. We work closely with the Luno Risk team, Internal Audit team, Cloud Security team and Cyber Defense team to ensure the security of Luno and its customers’ information.

The Security Governance team is looking for a Senior Cyber Security Risk Analyst to contribute to the establishment and development of its function.

The role in a nutshell:

As a Senior Cyber Security Risk Analyst you will focus on the entire company’s information security risk profile. You will assist the Information Security Officer and the Information Security Governance Manager in identifying information security risks within the Luno environment and also come up with solutions to remediate those risks while assisting risk owners in implementing the solution. You will spend most of your time collaborating with other teams to understand their processes in place, assist in information security risk assessments against those processes, report findings, assist risk owners in implementing risk-avoiding solutions and providing assurance that information security controls are appropriate and effective.

Your mission will be:

• Be responsible for updating, maintaining and improving the Information Security Risk Register;
• Think outside the box to envision information security risks that might be otherwise unnoticeable to the organisation;
• Conduct information security risk workshops with stakeholders to identify relevant risks;
• Work closely with the Luno Risk team to coordinate risk management efforts;
• Report on information security risks in relevant governance meetings;
• Conduct assurance activities to ensure that information security controls are in place, appropriate and effective;
• Assist the Information Security Governance Manager to maintain and continuously improve the Luno Information Security Management System (ISMS);
• Review and evaluate controls in place to ensure compliance to ISO 27001 requirements;
• Conduct cyber maturity assessments on information security controls in place, which will be reported on to management.
• Propose solutions to mitigate against current or future risk;
• Assist in information security incident management by maintaining the information security incident register, participating in post incident analysis, and proposing remediations to address root-cause issues/risks;
• Update and maintain company information security policies in collaboration with relevant stakeholders; 
• Assist in identifying and delivering relevant training initiatives to employees regarding information security;
• Assist in IT Audits (internal and external audits)

A little about you:

• Strong knowledge of information security controls and best practises;
• At least 5 years of information security related experience and a proven track record in IT risk management;
• Industry recognised certification(s) relevant to information security and risk management (CISA, CRISC; CISSP or similar);
• Excellent stakeholder management;
• Strong verbal and written English communication skills, including report writing and documentation;
• Able to work both autonomously and within a team structure;

Additional skills that will be beneficial to your application

• Knowledge of ISO27001, ISO 31000, ISO 22301, GDPR;
• Experience in IT Audit and control testing or collaborating with Internal Audit teams with regard to IT audits;
• Knowledge of Cloud Security;
• Knowledge of Blockchain and crypto technologies.

Life at Luno:

• Forward-thinking and ambitious team that values diversity, hard work, and the continuous quest for excellence.
• Remote but reachable work policy gives you the freedom to choose between working from home or the office.
• Improve body and mind, with excellent private medical insurance. 
• Free training courses on Udemy and CodeAcademy.
• 0 fees with Luno from the day you start.
• Generous maternity / paternity and even paw-ternity for your furry friend.
• Annual Inspiration Day.
• A collaborative, friendly work community, with regular social events and virtual cooking, dancing, drawing and house planting classes hosted by our Lunauts. 
• Free lunch and snacks.
• Free access to Headspace – a full library of guided meditations, sleep stories, and music.

About us:

Luno makes it simple to buy, store and explore crypto. More than 10 million people have chosen to invest in crypto with Luno using our platform, which is available on Apple, Android and as a desktop experience. We’ve enabled over $52bn of transactions and we securely store over $1bn for our customers around the world.

Our mission is to put the power of crypto in everyone's hands because we believe that giving people access to a robust and fair financial system is a basic human right. We are with customers at every step of their investment journey with clear, jargon-free information and an easy-to-use app experience that helps people get started from as little as $10.

In order to make crypto accessible to everyone, everywhere, we’re on the ground in more than 40 markets across North America, Africa, Asia and Europe. We are registered with all local financial intelligence authorities and proud of our strong AML measures and world-leading compliance teams. All the crypto we store for our customers is regularly verified by independent auditors.  Luno is the trusted guide that will bring crypto to over 1 billion people by 2030.