Information Security Officer at scaling Fintech (AWS, ISO27001, SIEM, PCI, Cyber Security)
7 days left
- Job Type
WHO WE ARE?
We are an award-winning cloud-native payment technology provider for financially regulated institutions. Launched in 2016, we've doubled in size year on year as we continue to redefine what a truly instant payment experience means.
We celebrate diversity, promote entrepreneurialism and are committed to giving everyone a say in shaping our business. Here you will grow as a person and accomplish incredible things. A career at Form3 is empowering, inspiring and fun. Join us and help shape the future of payments.
OUR SECURITY TEAM
Our awesome Security team consists of Information Security Officers, Cloud Security Engineers and Ethical Hackers and we're now looking to grow this team.
This is a challenging, exciting, varied and broad role. Some key duties include responding to alerts from the SIEM, Vulnerabilities Management with Qualys, managing and implementing security tools such as DLP and IPS, co-ordinating pen test and security remediation with the engineering team, Risk Management, updating Risk Register and Continual Improvement log where security issues have been identified, updating documentation when required, and participation in internal and external audit activities.
Some of our main security tools: Cloudflare, Trend Micro Deep Security, Alienvault USM, Carbon Black, Qualys, Jamf, Snyk, AWS GuardDuty, AWS Cloudtrail, AWS IAM, AWS Shield, Ubuntu Landscape, Vault, Auth0.
Occasional travel to our London office will be required.
WHAT WE'RE LOOKING FOR?
- 5+ years in Information/Cyber Security.
- A technical background.
- Working knowledge of security frameworks and security controls e.g. NIST CSF, ISO22301, IS027001, ISAE3000/SOC2, SOC1, GDPR and PCI DSS.
- Exposure to security operations and application security best practices.
- Experience developing, writing, implementing, auditing and improving information security policies and procedures aligned to relevant industry frameworks/standards to ensure that security and compliance accreditations are achieved and maintained.
- Perform periodic internal audits, reviews and contribute to the continuous improvement of IT security standards, processes and procedures.
- Ability to perform Business Impact Analysis, risk assessment and treatment.
- Experience operating, maintaining, auditing and improving Vulnerability Management, SIEM and Threat Intelligence systems.
- Relevant certifications (CISSP etc.)
- Experience in security incident response, forensic security investigations, management and remediation of identified and day-zero vulnerabilities, alerts, threats and breaches.
- Public Cloud Security experience.
- 30 days annual leave plus Bank Holidays
- Remote friendly environment
- Flexible working arrangements
- Udemy and educational reimbursements
- Full details are available on our careers page
LIFE AT FORM3
We’re an open, diverse and friendly bunch who believe everyone has a voice. Our team is a mixture of banking experts, techies, artists, marketers, and customer advocates. Here at Form3, you’ll get the opportunity to be part of our rapidly scaling business, with some of the brightest talents in tech and payments, working in one of the highest growth sectors and the hottest location for payment Fintech in the world.