Multitude is an international provider of digital financial services, building a financial ecosystem that transcends the hassle of physical banking and complicated financial transactions into a paperless, borderless, and real-time experience for our customers. The foundation of our ecosystem has been laid through profound experience since 2005 in providing data-driven digital financial services globally.

As a global thinking company, we are proud of our diversity and currently employ people from over 30 different nationalities and walks of life. We support employee interests, hobbies, and goals both inside and outside of Multitude because we understand that happy people make happy employees.

We are hiring an Information Security Analyst to work in our Information Security squad to strengthen the organisation’s second line and security risk posture. You will monitor our systems and networks for security events, vulnerabilities and incidents through various systems (e.g. SIEM), services and tools (e.g. vulnerability scanning and penetration testing). In addition, you will be carrying out risk assessments of internal systems, networks, assessing security risks in third party service provision as well as assessing the physical security of the Multitude Group.

To do well in this role, you should be detail-oriented and able to juggle multiple issues efficiently and effectively. You should be able to think outside the box to analyse security issues and possess a sound information security background. Previous experience in a similar role in a financial services institution is an asset.

The Information Security Analyst will be:

• Analysing and responding to security threats from various security platforms and technologies.
• Responsible for conducting research and evaluating technical and all-source cyber intelligence to develop in-depth assessments of threats to the organisation’s networks, systems, users, and data.
• Serving as liaison and point of contact for new issues and vetting
• Creating technical assessments and cyber threat profiles of current events based on inventive collection and research to enable advanced threat intelligence
• Developing and maintaining analytical procedures to meet changing requirements and enable more strategic detections
• Staying abreast of innovative business and technology trends in IT security, risk, and controls
• Advising leadership on technology initiatives that support latest trends in IT security, risk and controls
• Ensuring effective execution of the risk management framework by managing relationships with key stakeholders within strategic business groups and technology
• Verifying that information security risks are appropriately mitigated and leads multiple stakeholders in agreement on appropriate solutions/controls
• Responsible for identifying applicable regulatory risks from changes or additions to regulatory guidance and requirements
• Providing expertise for resolution and risk mitigation.
• Championing information security with tribes, squads and chapters in the organisation to provide security training, increase security awareness and/or discuss potential security issues and scenarios.
• Developing, tracking, and reporting on Key Risk Indicators (KRIs) for information security
• Monitoring, tracking, and reporting mitigation and resolution of information security risks
• Performing process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls
• Effectively communicating key risks, findings, and recommendations for improvement with key stakeholders.
• Performing any other duties that may be assigned from time to time.

Expected skills and experience:

• A minimum of bachelor’s degree in Computer Science, Cyber Security, Information Technology, or a similar technical degree
• Minimum 4 years of generic IT professional experience, of which minimum 2 years of relevant professional experience in Information Security Management.
• Practical expertise with EDR, SIEM and SOAR
• Experience with Linux, Windows and Network Operating Systems required.
• Familiarity with Microservice architecture, event sourcing, distributed systems and asynchronous communication is considered an asset.
• Basic knowledge of Kafka, Docker, Kibana, New Relic, Mongo, Elasticsearch, Oauth2, Kubernetes, terraform is considered an asset.
• Good programming and scripting skills (Python, Bash, PowerShell).
• One or more of the following qualifications is desirable (CISSP, CISM, CISA, CRISC, ITIL V3, ISO27001 Lead Auditor).
• Be fluent in English and have strong oral and written communication skills to work effectively with employees at all levels of the organisation.
• Being comfortable driving conversations with teams with varied backgrounds and purpose, such as conversing with Risk Business Tribes and Squads, Technology Squads, Vendors and Senior Management. It is also important that you are receptive to guidance from your Chapter/Squad Lead and able to effectively communicate results to the Squad Lead.
• You must be highly organised with ability to prioritise and multi-task, as well as able to thrive in a fast-paced environment
• Excellent problem-solving skills and the ability to be highly productive, both working alone and as part of a team.

What’s in it for you:

• Wellbeing benefit;
  
• Health Insurance;
• Mobile Phone for Business use;
• Weekly breakfasts in the office;
• Hybrid flexible working model;
• Access to LinkedIn learning with over 8000 courses;
• Share purchase matching program;
• Opportunities for growth, the realization of own ideas, and further training;
• The opportunity to work in a dynamically international evolving company.