Regional Information Security Senior Analyst
Europe
Our Krakenites are a world-class team with crypto conviction, united by our desire to discover and unlock the potential of crypto and blockchain technology.
What makes us different?
Kraken is a mission-focused company rooted in crypto values. As a Krakenite, you’ll join us on our mission to accelerate the global adoption of crypto, so that everyone can achieve financial freedom and inclusion. For over a decade, Kraken’s focus on our mission and crypto ethos has attracted many of the most talented crypto experts in the world.
Before you apply, please read the Kraken Culture page to learn more about our internal culture, values, and mission. We also expect candidates to familiarize themselves with the Kraken app. Learn how to create a Kraken account here.
As a fully remote company, we have Krakenites in 70+ countries who speak over 50 languages. Krakenites are industry pioneers who develop premium crypto products for experienced traders, institutions, and newcomers to the space. Kraken is committed to industry-leading security, crypto education, and world-class client support through our products like Kraken Pro, Desktop, Wallet, and Kraken Futures.
Become a Krakenite and build the future of crypto!
Proof of workThe team
We are seeking a highly capable Senior Analyst to support regional information security, operational resilience, and business continuity initiatives across the UAE and European regions. This role is instrumental in ensuring compliance with applicable laws and frameworks, including MiCA, DORA, ISO27001, and UAE SCA regulations.
The analyst will work closely with the Group Security and IT teams, contributing to global security frameworks and ensuring consistent implementation of regional requirements. The position focuses on risk assessments, business impact analysis, control testing, audit preparation, and regulatory reporting—while providing tactical support to the RISO function.
The opportunity
Prepare, contribute and report to regional risk governance and board committee meetings, highlighting control status, risk exposure, and readiness.
Execute risk assessments and control testing across UAE operations in line with SCA cybersecurity guidelines and security best practices.
Maintain and review Business Impact Assessments (BIA), integrating findings into global resilience planning.
Contribute to Business Continuity Plan (BCP) documentation, testing, and updates, including entity-specific scenarios.
Collaborate with Group Security and IT to:
Align UAE-specific regulatory controls with global policies and control frameworks.
Contribute to the development of security policies to meet international and UAE compliance requirements.
Conduct security control validation and document evidence for internal/external audits.
Participate in remediation planning for audit findings and track progress to closure.
Support the RISO in preparing and submitting regulatory documentation to regulators.
Prepare and present security and resilience reports for internal governance committees and local entity management.
Assist in responses to regulatory examinations, including due diligence and compliance queries.
Liaise with compliance and legal teams to interpret regulatory changes and propose control adaptations.
Participate in the regional incident response process, assist with post-incident reviews, and support continuous improvement activities.
Coordinate with cross-functional stakeholders to embed security requirements into operational processes.
Skills you should HODL
5+ years of experience in Information Security, IT risk management, or compliance.
Strong understanding of financial cybersecurity frameworks, ISO27001, NIST, and DORA frameworks.
Experience supporting BCP/DR planning and operational resilience assessments.
Excellent communication, stakeholder management, and technical documentation skills.
Security certifications such as CISSP, CISM, CRISC, ISO27001 Lead Implementer, or CBCP are highly desirable.
This job is accepting ongoing applications and there is no application deadline.
Please note, applicants are permitted to redact or remove information on their resume that identifies age, date of birth, or dates of attendance at or graduation from an educational institution.
We consider qualified applicants with criminal histories for employment on our team, assessing candidates in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.
Kraken is powered by people from around the world and we celebrate all Krakenites for their diverse talents, backgrounds, contributions and unique perspectives. We hire strictly based on merit, meaning we seek out the candidates with the right abilities, knowledge, and skills considered the most suitable for the job. We encourage you to apply for roles where you don't fully meet the listed requirements, especially if you're passionate or knowledgable about crypto!
As an equal opportunity employer, we don’t tolerate discrimination or harassment of any kind. Whether that’s based on race, ethnicity, age, gender identity, citizenship, religion, sexual orientation, disability, pregnancy, veteran status or any other protected characteristic as outlined by federal, state or local laws.
Stay in the know
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Blockchain CISM CISSP Compliance CRISC Crypto Governance Incident response ISO 27001 NIST Risk assessment Risk management
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.