- Date Posted: Aug. 29, 2021
- Business Applications
We are looking for a driven, talented Information Security Officer with expert knowledge of ISO27001 to help us build our SaaS-based anti-money laundering solutions, which help organizations fight financial crime! We are building cutting-edge solutions that help reveal the truth for a safer world and stop money ending up in the hands of terrorists. You will join the Operations Team, oversee our compliance with 27001 and assist with gaining and maintaining additional certifications, such as SOC 2.
Since launching in 2014, we have been on a mission to neutralize the risk of money laundering, terrorist financing, corruption, and other financial crime on a global scale. In that time, we have raised over $100m in funding, have four global hubs located in New York, London, Singapore and Cluj-Napoca and are backed by Ontario Teachers’, Index Ventures, Balderton Capital and Goldman Sachs.
We aim to grow to over 350 employees in the next 12 months, as we continue to fight the good fight against financial crime and help make compliance less painful for our client base of over 500 enterprises across 75 different countries. We’re leveraging game-changing tech to help us on our mission as the financial industry’s leading source of AI-driven financial crime risk data and detection technology.
No fight against crime is complete without the right values, and we take ours very seriously!
- Focus on the Team - We’re Collaborative, Human, and Humble
- Kaizen - We’re Curious, Proactive and Agile
- Deliver Results - We’re Tenacious, Accountable and Focused
We can only defeat financial crime if we have the right people with the right values in place to do so, and we’re committed to investing in passionate people who are experts in their field. Our culture and working environment are second to none. Don’t believe us? See what our employees have to say on Glassdoor.
About the role - what you will do:
- Manage the ongoing effectiveness of the company’s Information Security Management System (ISMS) to continuously improve and retain ISO27001 and related certifications.
- Monitor and develop information security policies, procedures and plans.
- Ensure compliance with all applicable security, data privacy & protection standards and regulations (e.g. GDPR) through working closely with the Legal team.
- Provide information security guidance to all staff, and implement training, education and awareness initiatives to improve the information security culture of the company.
- Work with the Head of Engineering Security to ensure the SSDLC is properly integrated with the ISMS.
- Work with all departments to assess new internal projects, provide recommendations regarding their risks and appropriate controls, and support implementation as needed.
- Undertake risk assessments of third-party suppliers to ensure their security meets expectations and engage with them to make proportionate improvements when required.
- Manage information security incidents, working with technical teams and communicating to stakeholders to ensure successful responses.
- Perform and scope security assessments and compliance audits across the company and our suppliers to ensure information security continues to be effective and suitable for the business.
- Provide assurance to existing and new clients.
- Chair the ISMS committee and provide risk analysis to the senior leadership team.
What does success look like after 3 months?
- Seamless transition into ownership of ISMS
- Pathway defined to further align Infosec strategy with business strategy
- Strong relationships built across all functions in the business
The ideal candidate will have:
- In-depth knowledge of how an ISMS is managed and maintained
- Expert knowledge of the ISO27001 standard
- Deep understanding of risk management principles
- Strong understanding of data privacy and the GDPR
- Up-to-date knowledge of the current threat landscape and security technologies
- Strong understanding of cloud security environments and SSDLC processes
The benefits of working at ComplyAdvantage include the following:
- Flexible working hours, and “hybrid” working policy