Information Security Risk Analyst

About us @Symphony

We’ve spent the last 10 years building a communication and markets technology company, powered by interconnected platforms: messaging, voice, directory and analytics.  Over 1000 institutions use our modular technology built for global finance. Security is in our DNA with uncompromising data protection, end-to-end encryption and resilient architecture, all created on a foundation of trust with our customers . 

But that was only chapter one. We’re now building on our purpose-built network, expanding AI-powered, real-time collaboration, redefining flexibility with fully cloud-native software with our trader voice product, and rethinking the industry’s approach to identity verification, connection and intelligence. .

The opportunity and our ambition are huge. But we need passionate, dedicated individuals to get there. At Symphony we work hard and fast. Our unique blend of technology and financial services makes it an environment you won't get elsewhere.

Role Description:

As a Security Engineer, this resource will be responsible for assessing information risks, identifying opportunities for reducing risk, and facilitating remediation of identified vulnerabilities within organization’s network, systems, and applications.

Reports on findings and recommendations for corrective action. Perform regular Risk and Vulnerability Assessments utilizing various IT Security Tools and Methodologies and reports on findings and recommendations for corrective action. Identify opportunities to reduce risk and document remediation options regarding acceptance or mitigation of risk scenarios.

Facilitate and monitor performance of risk remediation tasks, changes related to risk mitigation & reports on findings. Maintain oversight of IT and vendors regarding the security maintenance of their systems and applications. Provides regular status reports, including metrics and outstanding issues. Assist in all internal and external audits, and regulatory examinations.

Responsibilities

• Serve as a primary point of contact for customer due diligence and risk assessment inquiries. 
• Assist in gathering and organizing information to respond to Requests for Information (RFIs) related to information security. 
• Support the process of responding to annual third-party risk management inquiries and audits from clients. 
• Maintain accurate records of customer due diligence requests and responses.
• Collaborate with internal teams to obtain necessary information for completing due diligence questionnaires. 
• Assist in the review and analysis of information security documentation to ensure accuracy and completeness. 
• Contribute to the improvement of processes, tools, and templates used for responding to customer inquiries. 
• Assist in internal and external audits and regulatory examinations as needed.

The right background

• 1-3 years of experience in a related field (e.g., information security, risk management, compliance, or a related area). 
• Basic understanding of IT risk management concepts. 
• Familiarity with information security standards and frameworks (e.g., ISO 27002, NIST Cybersecurity Framework) is a plus. 
• Strong communication and interpersonal skills. 
• Excellent organizational skills and attention to detail. 
• Ability to work effectively in a team environment. 
• Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint). 
• Prior experience working within a financial service organization is a plus. 

Compensation:

• Competitive salary
• Bonus Plan
• Benefits and Perks vary based on location.

Benefits and Perks:

• Regional specific competitive benefits
• Build your own Benefits (BYOB) perk
• Many other fun and exciting benefits and activities!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.