Information Security & Risk Senior Analyst (United Kingdom)

The job overview for this role is to support the Information Security & Risk Program at Addepar by driving optimization, conducting risk assessments, developing metrics and reporting frameworks, facilitating product and service reviews, managing SOC2 reviews, maintaining security policies and standards, and improving security awareness programs. The successful candidate should have 5+ years of experience in information security or technology risk, with a preference for AWS Cloud Security experience.

• Drive a more optimized Information Security and Risk Program, aligned with industry standard frameworks such as the NIST Cybersecurity Framework.
• Lead independent risk assessments of our environment focusing on our platform and its supporting software, infrastructure, and tools.
• Support build-out of an enterprise metrics program and risk reporting framework to communicate risk to senior management.
• Partner with control owners, engineers, and other teams to facilitate reviews of new products and services, to ensure risks are identified, communicated, and mitigated.
• Support SOC2 reviews including project management, planning, and coordination across Addepar teams and external auditors.
• Maintain Addepar Information Security & Risk policies and standards, aligning to business and Client needs.
• Drive improvements and execution of security awareness programs.

• Skilled in supporting high-impact governance, risk, and compliance programs
• Experience in managing, consulting, auditing, or working in the fields of Information security or Technology Risk (5+ years)
• Familiarity with industry standard frameworks such as the NIST Cybersecurity Framework
• Ability to lead independent risk assessments
• Knowledge of platform and software infrastructure
• Experience in project management and coordination
• Familiarity with SOC2 reviews
• Ability to maintain information security and risk policies and standards
• Proficiency in driving improvements and execution of security awareness programs
• AWS Cloud Security experience preferred
• Professional certification in AWS Certified Solutions Architect, AWS Certified Security Specialty, or Certified Information

• Drive a more optimized Information Security and Risk Program
• Lead independent risk assessments
• Support build-out of an enterprise metrics program and risk reporting framework
• Partner with control owners, engineers, and other teams
• Support SOC2 reviews
• Maintain Addepar Information Security & Risk policies and standards
• Drive improvements and execution of security awareness programs
• Act Like an Owner
• Build Together
• Champion Our Clients
• Drive Innovation
• Embrace Learning
• Equal opportunity employer
• Virtual interview and onboarding experience
• Reasonable accommodation for individuals with disabilities