Information Security GCR Analyst
London
Checkout.com
Boost your acceptance rate, cut processing costs, fight fraud, and create extraordinary customer experiences with Checkout.com's payment solutions.We're building the connected finance businesses deserve. Unleashing them with tomorrow's technology, today. Our flexible payments solutions help global enterprises — like Samsung, Deliveroo and Adidas — launch new products and create experiences customers love. And it's not just what we build that makes us different. It's how.
We liberate smart, passionate people to collaborate, innovate and do their best work — faster. That's why we're one of the most valuable fintech firms around. But we're just getting started. By cutting through financial complexity, we'll empower companies to change the world. Join us. Unlock your potential.
Build tomorrow, today.
Information Security GCR Analyst at Checkout.com:
We are looking for a GRC Specialist to join our team to help mature and implement our Governance, Risk, and Compliance program across Checkout. In this role, you will join one of the most exciting startups in London and get to work in a complex cloud-first organization on a global scale. If you like working in fast paced environments and have a passion for all things security and compliance, then we want to hear from you.
What you will be doing
- Support in the review, design, and implementation of IT security standards (ISO/IEC 27001) and their implementation across the business
- Support in security and compliance matters including but not limited to implementation of new security tools, Internal/external auditor engagements, and any information security legislative/regulation compliance requirement
- Provide security subject matter expertise on projects undertaken by the business and act as an advisor on all business security policy, information risk management issues
- Support in the execution of the general data privacy assessment processes (including third-party assessments), internal control reviews, and risk assessments to monitor compliance with information security policies and standards
- Timely completion of client compliance questionnaires relating to information security
- Working effectively with IT, Engineering, and Customer service teams to coordinate InfoSec changes and ensure those information security requirements are embedded at an early stage of the business process
- Assist in developing and maintaining Security Incident Response Procedures and Data Breach Guidelines. Reviewing and reporting on security incidents, potential incidents, or other security risks and ensuring that appropriate correction and preventative measures are implemented
- Working with our sales teams to ensure that due diligence assessments, InfoSec questionnaires and RFPs are completed to deadlines
- Working closely with the wider team to support risk remediation and solution design related to vulnerability scanning and penetration testing of critical assets
- Ensure that the ISMS security, process, and critical systems documentation is maintained/reviewed at appropriate levels and at designated review times
- Assist in conducting Internal Information Security audits, producing reports with recommendations for remediation and improvement
- Assist in maintaining staff information security awareness
About You
- Recent experience of working in a similar capacity.
- Strong knowledge of information security principles.
- Excellent knowledge of methodologies, processes, and tools associated with Governance, Risk, and Compliance.
- Experience in policy, standard, guidelines, and procedure creation
- Strong knowledge of Information/Data security standards such as PCI DSS and ISO27001
- Relevant industry certification (e.g., ISO 27001 LA/LI, CRISC, CISA, CISSP, CISM, etc.).
- Proven experience in a GRC role
- Understanding and experience of implementing NIST CSF
- Knowledge of current information security legislative/regulatory requirements such as GDPR
- Demonstrable experience of using industry standards and good practice to shape information security activities
- Demonstrable experience of working with information security toolsets, such as vulnerability scanning tools or endpoint security products
- Demonstrable experience assessing security in cloud environments such as AWS, Azure, GCP)
At Checkout.com, everything starts with our values, including the experience we offer our people.
#AspireWe supercharge your professional growth with career development programs and leadership training. You can learn your way, with tailored pathways and online platforms. And be inspired at relevant conferences.
#ExcelWe don't stop at 'good' here. We strive for excellence amongst our teams every day and recognize colleagues who take it to the next level through our quarterly peer-nominated Hero awards.
#UniteWe're proud of our global connections and inclusive environment. So we champion this through our colleague-led community groups and celebrate many cultural events together.
Want to see us in action?
Take a peek inside here.
More about Checkout.comWe empower businesses to adapt, innovate and thrive with the connected payments they deserve. Our technology makes payments seamless. We provide the fastest, most reliable payments in more than 150 currencies, with in-country acquiring, world-class fraud filters and reporting, through one API. And we can accept all major international credit and debit cards, as well as popular alternative and local payment methods. Checkout.com launched in 2012, and we now have a team of 1000 people across 17 international offices. To date, we’ve raised a total of $830 million, with our recent Series C valuing us at $15 billion.
We believe in equal opportunitiesCheckout.com is an equal opportunities employer. We welcome applications from all members of society irrespective of age, sex, disability, sexual orientation, race, religion, or belief. We make recruiting decisions based on your experience, skills and personality. We believe that employing a diverse workforce is the right thing to do and is central to our success.
Tags: APIs Audits AWS Azure C CISA CISM CISSP Cloud Compliance CRISC Endpoint security Finance FinTech GCP GDPR Governance Incident response ISMS ISO 27001 NIST PCI DSS Pentesting Privacy Risk management
Perks/benefits: Career development Conferences Flex hours Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs