At a Glance
- Tasks: Lead compliance programs, manage audits, and develop security policies.
- Company: Join a tech service provider enhancing trading infrastructure in e-trading markets.
- Benefits: Enjoy flexible remote work, competitive salary up to £60,000, shares, and benefits.
- Why this job: Be part of a dynamic team improving security practices and compliance in a fast-paced environment.
- Qualifications: 4+ years in infosec/compliance, experience with GRC tools, and familiarity with security standards required.
- Other info: Remote-first role with flexible working locations across the UK/Europe.
The predicted salary is between £43,200 and £72,000 per year.
Location: Remote First; office location Moorgate, London (flexible remote working locations within UK/Europe)
Employment type: Permanent (open to contract as well)
Working Hours: Full-time (UK 9-6) or part-time
Salary: dependent on experience up to £60,000 + Shares + Benefits
We are hiring to enhance our Security and Compliance efforts. In this role, you will collaborate with Senior Leadership and Site Reliability Engineering to support our GRC initiatives.
We provide a low-latency, high-throughput distributed messaging system to the e-trading fixed-income markets. We are foremost a technology service provider and support part of our customers’ trading infrastructure.
You will help maintain positive customer relationships by handling compliance questions and making sure our security practices are effective and up-to-date.
Here’s what you’ll be doing:
- Lead and Improve Compliance Programmes: manage internal control evaluations and testing to ensure adherence. Ensure compliance with industry standards such as DORA, ISO 27001, and SOC 2. Coordinate responses to internal and external audits, and facilitate independent security assessments, including third-party penetration tests.
- Develop and Implement Security Policies: create information security policies, standards, and guidelines. Ensure data privacy practices comply with GDPR and relevant laws. Assess policy compliance, track risk exposure, and support continuous compliance initiatives.
- Risk Management and Issue Resolution: establish and maintain a risk assessment process to identify, evaluate, and mitigate potential risks. Triage security issues and provide recommended solutions.
- Stakeholder Communication and Reporting: respond to customer security questionnaires and produce management reports on security compliance and metrics for relevant committees.
- Awareness and Training: design and deliver security policy awareness and training programs, fostering a culture of security and data privacy throughout the organisation.
Above all, you will have:
- 4+ years of experience in an infosec or compliance role
- Experience answering complex compliance questionnaires, ideally from Banks or highly regulated organisations
- Experience in developing and implementing information security policies, standards and procedures
- Completion of a SOC 2 or ISO 27001 certification process for at least two different organisations
- Experience implementing and managing a GRC automation tool
- Familiarity with security standards such as NIST CSF, DORA, SOX and AWS FTR
- The ability to comprehend penetration test and vulnerability scan results
- Startup experience or a diverse skillset
- The ability to code or navigate a CLI
Compliance Specialist employer: TransFICC
Contact Detail:
TransFICC Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Compliance Specialist role
✨Tip Number 1
Familiarize yourself with the specific compliance frameworks mentioned in the job description, such as DORA, ISO 27001, and SOC 2. Understanding these standards will not only help you in interviews but also demonstrate your commitment to the role.
✨Tip Number 2
Network with professionals in the compliance and information security fields. Engaging with others who have experience in similar roles can provide valuable insights and potentially lead to referrals or recommendations.
✨Tip Number 3
Prepare to discuss your experience with compliance questionnaires, especially those from banks or highly regulated organizations. Be ready to share specific examples of how you've successfully navigated complex compliance challenges.
✨Tip Number 4
Showcase any experience you have with GRC automation tools. If you’ve implemented or managed such tools in the past, be prepared to explain how they improved compliance processes in your previous roles.
Some tips for your application 🫡
Understand the Role: Make sure to thoroughly read the job description for the Compliance Specialist position. Highlight key responsibilities and required skills, and think about how your experience aligns with these.
Tailor Your CV: Customize your CV to reflect your relevant experience in information security and compliance. Emphasize your familiarity with industry standards like DORA, ISO 27001, and SOC 2, as well as any experience with GRC automation tools.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for compliance and security. Mention specific examples of how you've led compliance programs or developed security policies in previous roles.
Highlight Relevant Experience: In your application, be sure to detail your experience answering complex compliance questionnaires and your involvement in audits. This will demonstrate your capability to handle the responsibilities outlined in the job description.
How to prepare for a job interview at TransFICC
✨Showcase Your Compliance Knowledge
Be prepared to discuss your experience with compliance frameworks like DORA, ISO 27001, and SOC 2. Highlight specific examples of how you've managed compliance programs and handled audits in previous roles.
✨Demonstrate Risk Management Skills
Discuss your approach to risk assessment and mitigation. Provide examples of how you've triaged security issues and implemented solutions, showcasing your problem-solving abilities.
✨Communicate Effectively
Since stakeholder communication is key, practice articulating complex compliance concepts in a clear and concise manner. Be ready to explain how you would respond to customer security questionnaires and report on compliance metrics.
✨Emphasize Training and Awareness Initiatives
Share your experience in designing and delivering training programs related to security policies. Discuss how you've fostered a culture of security awareness in previous organizations, as this will be crucial for the role.