Information Security Auditor

Are you an InfoSec Auditor with experience in PCI DSS & ISO 27001, ready to drive our organisation’s compliance?

What you’ll be doing

Thredd is looking for an Information Security Auditor to join our Info Sec team based out of our London office.

In this role, you will evaluate and enhance our information security frameworks and internal control systems, ensuring compliance with SOC 2, ISO 27001, ISO 22301, and PCI DSS requirements. You'll support audits, track security performance, manage supplier relationships, alongside handling day-to-day risk management. 

This position offers an opportunity to make a significant impact on our organisation's security landscape. You'll work closely with cross-functional teams and play a key role in fostering a culture of security awareness throughout the company.

Responsibilities

• Stay informed on emerging regulations and governance standards to maintain the organisation's forward-looking security posture
• Conduct comprehensive risk assessments to identify, evaluate, and mitigate risks related to governance, data security, and compliance. Effectively respond to third-party requests for information, ensuring alignment with contractual and regulatory obligations.
• Perform thorough audits of security controls, processes, and systems to ensure compliance with organisational governance policies and industry standards such as ISO 27001, SOC 2, and PCI DSS.
• Assess the effectiveness of internal governance frameworks, identify areas for improvement, and propose actionable recommendations. Monitor adherence to governance frameworks, escalating non-compliance issues as necessary.
• Develop and deliver engaging training sessions to employees on internal governance standards and compliance best practices, enhancing overall security awareness.
• Address day-to-day risk management tasks and respond promptly to security alerts, ensuring swift and effective resolution of potential threats.
• Oversee supplier relationships and conduct thorough vendor/client onboarding reviews to maintain security standards across the organisation's network
• Implement and maintain systems to track security performance and compliance posture over time, providing insights for continuous improvement.
• Assist in the preparation and execution of internal audits, and help coordinate external audit processes to ensure organisational readiness and compliance.
  
  

What you bring

• Proven experience in a similar role, ideally within financial services industry
• Prior interaction with security frameworks – particularly PCI DSS and ISO 27001
• Understanding of regulatory reporting and compliance
• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience
• Basic knowledge of IT security controls
• Prior experience and understanding of security audits, compliance assessments and internal security reviews
• A natural problem solver with strong analytical skills
• Collaborate effectively not only with immediate InfoSec team but cross-functionally on a global scale

A bit about us …

Thredd is the trusted next-gen payments partner for innovators looking to modernise their payments offering. Certified by Mastercard, Visa and Diners & Discover, we process billions of debit, prepaid, and credit transactions annually, supporting consumer and corporate fintechs, digital banks, and embedded finance providers across the globe. Our unique offering is our client-centric approach, combining hands-on support with modern, reliable, and scalable technology. Our assured solution accelerates the development and delivery of consumer and corporate payments components embedded within digital banks, as well as for expense management, B2B payments, crypto, lending, credit, Buy Now Pay Later, FX, remittance, and open banking innovators.

Other

This role is a hybrid role based out of our London office.

Thredd operates in a secure environment and all candidates will be Credit and Background checked to the extent permitted by law