Information Security Risk Manager
India, Delhi NCR
- Remote-first
- Website
- @TideBusiness 𝕏
- Search
Tide
All your business finance needs in one app, from banking to credit. Join over 650,000 UK SMEs, and get back to doing what you love.ABOUT TIDE
At Tide, we are building a finance platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting.
Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2000 employees.
Tide is rapidly growing, expanding into new markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money.
ABOUT THE TEAM
The Information Security Risk team is a 2nd line of defence (2LOD) team that manages Tide’s information security governance, risk & compliance programme. As part of the wider Risk & Compliance team, the Infosec Risk team works closely with 1LOD control owners such as the Infosec, IT and Cloud teams, in order to ensure continued compliance and risk management.
ABOUT THE ROLE
As Information Security Risk Manager you will be responsible for
- Managing information security risk in accordance with Tide’s global Risk Management Framework
- Managing Tide’s Information Security Management System (ISMS)
- Working with 1LOD stakeholders across the business in order to deliver risk mitigation initiatives
- Ensuring alignment with industry recognised information security control frameworks and standards, such as ISO 27001, PCI DSS, NIST CSF
- Conducting information security risk assessments and control oversight
- Defining and measuring key risk indicators and ISMS performance metrics
- Creating data driven GRC reporting and delivering to senior management
- Facilitating external audit requirements, and working with stakeholders across 1LOD and 3LOD to close information security audit findings
- Reinforcing a strong security culture throughout the business
- Ensuring Tide’s compliance with applicable regulatory requirements, and keeping abreast of new regulatory and compliance developments
WHAT WE ARE LOOKING FOR
We are looking for an information security expert with a great eye for information security risk reduction and continual improvement opportunities. You’ll join an ambitious team of highly motivated GRC specialists, who interface with all areas of the business in order to identify and manage risk at Tidel. The ideal candidate will have:
- At least 7 years experience in an information security GRC role
- Experience managing and leading cross-functional projects
- Excellent communication and stakeholder management skills
- Experience in a financially regulated environment – preferably in technology-driven & scale-up environments or consulting & audit environments
- Good technical knowledge in the field of information security
- Experience oversighting information security controls in a modern corporate environment (cloud-based, infrastructure-as-code, zero trust)
- Experience implementing and/or managing an ISMS in accordance with ISO 27001:2022
- Familiarity with common security and GRC tooling
WHAT YOU’LL GET IN RETURN
Our location-specific employee benefits are designed to cater to the unique needs of Tideans:
- Self & Family Health Insurance
- Term & Life Insurance
- OPD Benefits
- Mental wellbeing through Plumm
- Learning & Development Budget
- WFH Setup allowance
- 15 days of Privilege leaves
- 12 days of Casual leaves
- 12 days of Sick leaves
- 3 paid days off for volunteering or L&D activities
- Stock Options
TIDE IS A PLACE FOR EVERYONE
At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives.
We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.
At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard.
You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Banking Cloud Compliance Finance Governance ISMS ISO 27001 NIST PCI DSS Privacy Risk assessment Risk management RMF Zero Trust
Perks/benefits: Career development Equity / stock options Health care Home office stipend Insurance Team events Transparency
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.