Compliance Specialist - SOC2 - Global FINTECH 65-90k

My client is a rapidly expanding Financial Services Technology (FinTech) company founded in 2010. Its Headquarters is in London, and it has further offices in New York, Hong Kong, and Toronto.

They build cutting edge, AI-assisted, trade analysis software for their clients which consist of banks, hedge funds, asset managers and other financial services institutions.

Summary of role:

They are looking for an exceptional Compliance Specialist to take the lead on all compliance-related activity within my client. This will include maintaining their existing ISO27001 certification, planning and running a project enabling us to receive a SOC2 type 2 certificate, and responding to client questionnaires as they relate to compliance issues. In this role, you will have full responsibility for the planning, implementation, and maintenance of my clients cyber security policies and compliance programs.

You will need to have a close working relationship with our Information Security, Infrastructure and Legal teams, and you will disperse best practice behaviour throughout the firm regarding information security and acceptable use. We are looking for someone who has some technical knowledge with cybersecurity tools and general scripting.

The successful candidate will have a demonstrated ability to work in a customer-focused organisation and have experience of playing a key role in the development of best practice within InfoSec and Compliance.

Responsibilities will include:

• Implement, manage, and maintain compliance programs. They are ISO27001 compliant and are looking to get SOC 2 compliant in the near future. The role will also involve any future compliance frameworks as required by the company.

• Contribute to infrastructure and security assessments, including scripting to enable automation within the company.

• Help to answer client questions as they relate to our infosec compliance policies and procedures.

• Maintain a cyber security risk register, design, and work with other teams to implement action plans to mitigate risks where appropriate.

• Maintain procedure documentation and contribute to the management of infosec policy.

• Monitor logging and event systems, following up on alerts as appropriate.

Experience Required:

• Proven experience with Cybersecurity compliance programs.

• Demonstrable industry experience in information and cyber security roles.

• Highly organised, able to keep track of multiple deadlines.

• An understanding of computing and networking fundamentals.

• Extremely strong written and verbal communication skills, essential for managing a range of internal and external stakeholders.

• It would be advantageous if you have data analytics skills and experience automating data tasks.