IT Security Risk & Compliance SpecialistCanary Wharf, United Kingdom | Posted on 09/01/2025
Industry: Banking / Fintech – Open Banking Product Location: Canary Wharf, London About Us
Banfico is a fintech headquartered in London with offices in Germany, Brazil, Saudi Arabia, and India.
We are focused on delivering open banking & verification of payee technology SaaS solutions that are revolutionizing digital banking experiences globally.
We are looking for a highly motivated and experienced professional to join our team as an Information Security Compliance Lead who will work closely with the business team and management.
Key Responsibilities Manage existing ISMS, create policies & procedures related to information security and other compliance frameworks/certifications (ISO 27001, CyberEssentials, DORA, GDPR, ESG, etc.
)Plan and perform internal technical compliance checks.
Monitor compliance with information security policies and procedures, escalate to management if required.Understand Banfico's products and maintain an accurate knowledge base of Banfico's security posture.Collaborate with pre-sales, business development, product, and engineering teams and contribute towards information security related content in requests for proposals, and due diligence assessments.Be a point of contact for all customer-related security inquiries.Manage customer-specific compliance according to their requirements.Assist and facilitate internal and external information security audits.Update management on current information security technologies and related regulatory issues.Requirements5 years of experience in Information security and compliance.2+ years of experience working with prospects and customers, performing internal security audits, and facilitating security assessments.Experience in partnering with pre-sales and business development teams to respond to security/compliance questionnaires, RFPs, and contract reviews.Ability to articulate complex information security topics to a wide range of technical and business stakeholders.SaaS and cloud services experience is preferred.Solid understanding of modern cloud and network technologies and up-to-date knowledge of OWASP, NIST frameworks, GDPR, NCSC cyber guidance, etc.Professional GRC certifications is a plus.Additional Benefits:
25 days annual leave plus bank holidays
Vibrant start-up atmosphere at Level39.co, Canary Wharf
Opportunity to progress in the role as our organisation grows.
Work in a recession-proof business segment.
#J-18808-Ljbffr