Job Specifications
We are Vitesse - the treasury and payment partner of choice for insurance.
Formed in 2014 by a team of proven FinTech entrepreneurs, we are an FCA-regulated business providing global claim funds management and payment solutions. Operating one of the largest banking and payment settlement networks in the world, we give our customers direct access to 200 countries and currencies. Through a single integration, insurers can use this network to pay claims in as fast as 45 seconds and deliver a superior claimant experience. Our market-leading treasury proposition provides insurers with transparency and control over their claim funds, even when delegated to third parties, allowing them to have their money in the right place, at the right time, to make that all-important payment when customers need it most.
With over 260 employees across our London headquarters, Europe, and the US, $93m Series C funding secured, and exceeding £15bn in processed transactions, we are only just getting started.
We are collaborative, customer centric and work with integrity, whilst partnering with some of the biggest insurance leaders including Lloyd's of London and Many Pets. We take huge pride in our company culture, ensuring that everyone has a part to play, an opportunity to be heard, be involved, and the ability to make a real difference. As we continue to scale up, we want like-minded humans to join us on this exciting journey.
Are you ready?
Your Mission:
We are seeking a skilled and motivated Information Security Analyst to join our team, reporting into the CISO. You will play a crucial role in safeguarding our organisations digital assets and infrastructure from cyber threats. You will be responsible for analysing security measures, identifying vulnerabilities, and help implement effective solutions to mitigate risks.
This role has a requirement for the jobholder to be part of an out of hours call-out rota, which will usually be 1 in 4 or 5 weeks, in addition to being available for short-term assignments in the US to support our North American business.
The role will require at least 2 days onsite in our London office.
The ideal candidate will have a strong understanding of information security principles, excellent analytical skills, and the ability to adapt to evolving threats in the cybersecurity landscape.
Your Responsibilities:
Governance: Risk / Compliance / Assurance:
Monitor security systems including intrusion detection, firewalls, and SIEM. Collaborate with our external SOC to detect and respond to security incidents in a timely manner
Participate in incident response activities, including incident triage, containment, eradication, and recovery efforts
Conduct thorough investigations of security incidents and provide detailed reports on findings and recommendations for remediation
Help contribute to regular security assessments and audits to identify vulnerabilities and weaknesses in systems, networks, devices, and applications
Serve as a subject matter expert on security-related matters, providing guidance and support to other teams and departments as needed, and as reported through the help desk system
Collaborate with IT teams and other stakeholders, contributing to the design and implementation of security controls and measures to protect against cyber threats
Stay up to date with the latest security trends, technologies, and best practices, and provide recommendations for continuous improvement
Assist with the management of security awareness training and workshops for employees to educate them about security risks and best practices for maintaining a secure work environment
Participate in the development and maintenance of disaster recovery plans to ensure the organisation's ability to respond to and recover from security incidents
Collaborate with internal teams during due diligence exercises to ensure that key security controls are documented as part of each submission
Requirements
Certifications such as CISSP, CISM, or CompTIA Security+, certifications are highly desirable
Proven experience working in information security, with a good understanding of security principles, protocols, and technologies
Experience with information security standards including ISO 27001, NIST and Cyber Essentials
Experience with security assessment tools and techniques, including vulnerability scanning and penetration testing
Good understanding of Microsoft Azure, Office 365 and Microsoft E5 security tooling
Strong analytical and problem-solving skills, with the ability to analyse complex systems and identify security risks and vulnerabilities
Excellent communication and interpersonal skills, with the ability to effectively convey technical information to non-technical stakeholders
Ability to work independently and collaboratively in a fast-paced environment, with a strong sense of accountability and attention to detail
Sound judgment and decision-making abilities, especially in high-pressure situation