Remote, UK

Senior Security Compliance Analyst

The Opportunity

In your role as Senior Security Compliance Analyst, you will be creating and implementing security policies and procedures which improve our posture in alignment with industry best practice and internationally recognised compliance standards.

Coordinating with and supporting our Legal, Risk & Compliance team in understanding and quantifying security risk, you’ll be responding to third-party requests for security information and performing security assessments of our suppliers, their products and services.

You’ll also coordinate our technical responses to and submissions for our compliance certifications such as PCI-DSS and SOC2, etc. and will drive our security awareness programme, promoting security within Featurespace and collaborating with our customers and industry partners to develop the maturity and standing of security within our industry.

This role can be based remotely across the UK, with the successful candidate coming in to the Cambridge office around once a quarter, or can be based in either our Cambridge or London offices.

Day to Day

  • Develop security policy, standards and guidelines
  • Maintain a security risk register and assist with internal and external audits relating to security
  • Generate reports for both technical and non-technical staff and stakeholders
  • Conduct security risk assessments, business impact analyses and recommend appropriate control improvements
  • Keep up to date with the latest security and technology developments
  • Research / evaluate emerging security threats and ways to mitigate them
  • Ensure all processes and controls that fall within your area of responsibility are operating effectively and are correctly evidenced
  • Create, maintain and deliver security awareness training for colleagues
Apply now
Joesph Woodhouse - Director of Cloud

Cloud Powered Digital Transformation – How to overcome legacy technology constraints in financial services

Joseph is the Director of Cloud at Featurespace, where he is responsible for developing the ARIC Risk Hub’s cloud platform and advising customers and prospects on the benefits and risks of cloud based architectures.

Find out more

About you

Must haves

  • Strong experience working with and implementing successfully a range of security management and control frameworks such as PCI-DSS, SOC 2 and ISO 27000
  • Strong experience of security risk management and associated practices
  • Broad knowledge / understanding of basic technical security controls / control frameworks including, but not limited to, areas such as network security, endpoint security and identity and access management, etc.
  • Knowledge of common application security vulnerabilities / risk factors, e.g., OWASP Top 10, etc.
  • Experience of ITIL standards or similar IT operations best practice

 

Great to haves

  • Experience / knowledge of basic Cloud Security concepts and standards
  • Experience / knowledge of IT system administration across Windows, Linux and Mac environments

Equal Opportunities

Here at Featurespace we are committed to being a place of equality, inclusion and respect to provide a safe environment for you to bring your authentic self to work. We know that we gain as much strength from our differences as we do our similarities. We value diversity and are dedicated to listening and learning from each other to build and maintain a positive and productive culture. We appreciate this will be an ever-evolving focus for the business to ensure everyone feels supported and has a sense of belonging.

How to apply

If you think you’re a good fit for the role above, we would love to hear from you.

Fill out the short application form, upload your CV and one of the team will get back to you.

If you have any questions or queries regarding this role, or life at Featurespace, please contact [email protected]

Featurespace Job Application Privacy Notice

Featurespace Ltd., is committed to comply with the General Data Protection Legislation and any implementing legislation (the “Data Protection Legislation”) and will process your Personal Data in accordance with the Data Protection Legislation and information security legislation. Any capitalised terms used in this Privacy Notice shall be given the same definition as in the Data Protection Legislation.

This Privacy Notice sets out the basis on which Featurespace Ltd will process Personal Data relating to job applicants.

The Data Controller is Featurespace Ltd.,  140 Cambridge Science Park, Milton Road, Cambridge, CB40GF.

Data refers to both Personal Data and Special Categories of Data. Your job application and the Personal Data held within it will be processed to assess your viability for the stated role. We may also process any information that you provide about your health, for the sole purpose of assessing whether any adjustments may need to be made to the recruitment process to accommodate you . If your application is unsuccessful, Featurespace will retain your Data for 24 months after the end of the recruitment process. Your Personal Data is processed in accordance with our legitimate interests of making sound recruitment decisions. You are under no obligation to provide us with your Personal Data. However without this, we cannot assess your job application. We will only process information about your health for the purpose of making reasonable adjustments to the recruitment process (if applicable), in accordance with our legal obligations. You have the following rights in relation to the processing of your Data: The right to be informed about how your Data is processed. You have the right to object to the processing of your Data based on our legitimate interests as outlined above. The right of access, to your Data and supplementary information relating to our use of your Data. In certain circumstances, we reserve the right to charge you for exercising this right. The right to rectification, if your Data is inaccurate or incomplete. In certain circumstances, the right to erasure, request the deletion of, or removal of, your Data. In certain circumstances, the right to restrict processing, block any further processing of your Data. We shall respond to any request made by you without delay and in any case within a month of your request. The right to complain to the Information Commissioner’s Office if you believe that your data protection/privacy rights have been breached. Your application will be submitted and stored on an application database (Greenhouse). Access to your Data on Greenhouse is limited to the relevant persons for your application- our internal recruiters, the hiring manager and interviewer(s). Your CV may be printed and shown to consulted decision makers, any physical copies will be securely and confidentially destroyed after a decision has been made on your application. Your CV is transferred to a third country, outside of the EEA, when it is processed by Greenhouse. Greenhouse meet the technical and organisational data security measures outlined in the GDPR Article 32, and are SOC2 Type II certified. We do not envisage that any decision will be taken about your application using automated means.

Read the report

The State of Fraud and Financial Crime in the U.S.

Discover the first benchmark for fraud values, volumes, and losses. By the industry, for the industry.