At a Glance
- Tasks: Manage security programs and conduct risk assessments to protect client data.
- Company: Join Addepar, a global leader in data and AI for investment professionals.
- Benefits: Hybrid work model, competitive salary, and opportunities for professional growth.
- Other info: Diverse and inclusive workplace with a focus on collaboration and innovation.
- Why this job: Make a real impact on information security in a dynamic tech environment.
- Qualifications: Experience in information security, risk management, and cloud security preferred.
The predicted salary is between 70000 - 90000 £ per year.
Addepar is a global data and AI platform empowering investment professionals to turn complex financial information into actionable intelligence. Addepar unifies portfolio, market and client data in a total portfolio view and delivers AI‑powered insights within investment and client workflows. More than 1,400 firms in nearly 60 countries use Addepar to manage and advise on nearly $9 trillion in assets.
The Role
We are currently seeking a Senior Information Security & Risk Analyst to join our Information Security & Risk team as part of the expanding team within our Edinburgh, UK location. The successful candidate will have the opportunity to help take Addepar’s Information Security and Governance programs to the next level. The Information Security & Risk (‘ISR’) organization at Addepar is focused on establishing clear, simple and consistent control frameworks, and providing effective oversight of information security and technology activities. This organization plays a critical role in helping to balance risk‑taking activities and decisions with opportunities to manage risk.
The successful candidate will be skilled in supporting high‑impact governance, risk and compliance programs that align to the size and maturity of our business. This is a hybrid role and will be 2 days per week in our Edinburgh office. Applicants must have, and maintain, the right to work in the United Kingdom from the first day of employment. Please note that visa sponsorship is not available for this role.
What You’ll Do
- Assist in the management of Addepar’s Client Due Diligence Program through the composition and maintenance of security collateral.
- Drive a more optimized Information Security and Risk Program, aligned with industry standard frameworks such as the NIST Cybersecurity Framework.
- Lead independent risk assessments of our environment focusing on our platform and its supporting third‑party and internally developed software, infrastructure, and tools.
- Support build‑out of an enterprise metrics program and risk reporting framework to communicate risk to senior management.
- Partner with control owners, engineers and other teams to facilitate reviews of new products and services, to ensure risks are identified, communicated, and mitigated.
- Support SOC2 reviews including project management, planning, and coordination across Addepar teams and external auditors.
- Maintain Addepar Information Security & Risk policies and standards, aligning to business and Client needs.
- Assist efforts on Data Governance and ensuring the right access controls are in place to support the program.
- Drive improvements and execution of risk and governance awareness programs.
- Work as part of a global operating team across multiple timezones.
Who You Are
- Extensive experience managing, consulting, auditing, or working in the fields of Information security or Technology Risk.
- AWS Cloud Security experience preferred.
- Demonstrate strong analytical, communication, and problem‑solving skills.
- Experience identifying and communicating key risks related to cloud implementations and architectures.
- Ability to manage multiple high‑visibility and high‑impact projects while maintaining superior results.
- Familiarity with control frameworks (e.g. NIST Cybersecurity Framework, NIST 800‑53, ISO) and SOC2 audit compliance.
Our Values
- Act Like an Owner – Think and operate with intention, purpose and care. Own outcomes.
- Build Together – Collaborate to unlock the best solutions. Deliver lasting value.
- Champion Our Clients – Exceed client expectations. Our clients’ success is our success.
- Drive Innovation – Be bold and unconstrained in problem solving. Transform the industry.
- Embrace Learning – Engage our community to broaden our perspective. Bring a growth mindset.
In addition to our core values, Addepar is proud to be an equal‑opportunity employer. We seek to bring together diverse ideas, experiences, skill sets, perspectives, backgrounds and identities to drive innovative solutions. We commit to promoting a welcoming environment where inclusion and belonging are held as a shared responsibility. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
Senior Security Analyst employer: Addepar
Addepar is an exceptional employer, offering a dynamic work environment in the heart of Edinburgh, where innovation and collaboration thrive. With a strong commitment to employee growth, Addepar provides opportunities for professional development and encourages a culture of inclusivity and diversity. The hybrid work model allows for flexibility while being part of a global team that values ownership, client success, and continuous learning.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Security Analyst
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Addepar, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through Addepar
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Addepar. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Senior Security Analyst
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Addepar insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Addepar that you’re committed to staying ahead in the game.
How to prepare for a job interview at Addepar
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at Addepar to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Addepar.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.
