Information Security Risk Analyst II | Join the GoHenry Security Squad!
GoHenry, in collaboration with PixPay and Acorns, is revolutionizing financial education for over 6 million members across 5 countries! We're building innovative tools that empower families and instill financial well-being from childhood to adulthood. Ready to make a real impact on the next generation's financial future?
We're seeking a talented and passionate Information Security Risk Analyst II to join our Global Infosec organization, working closely with the US Infosec team. This is your chance to play a pivotal role in safeguarding our platform, maintaining compliance, and nurturing a security-first culture. If you're driven by challenges and eager to protect a rapidly growing fintech leader, this is the perfect opportunity!
Your Mission at GoHenry:
Risk Assessment & Analysis: Dive deep into our systems, conduct thorough risk assessments to uncover vulnerabilities and potential threats. Analyze and prioritize risks, providing actionable recommendations tailored to GoHenry's unique business context.
Compliance & Audits: Develop and maintain robust security policies aligned with industry best practices. Be a key player in supporting audit activities (SOC2, PCI DSS) and ensuring compliance with cyber regulations across the UK, EU, and US financial sectors.
Identity & Access Management: Take ownership of Identity and Access Governance, ensuring secure and efficient access controls. Conduct quarterly access reviews and periodic role certifications in collaboration with system owners.
Cyber Security Support: Collaborate with our Application Security team on secure development lifecycle initiatives and security testing. Partner with our Cloud Security team to continuously monitor security controls within our cloud environments, with a keen focus on configuration assurance. Work with the IT team to ensure the effectiveness of our Endpoint security solutions
Training & Awareness: Craft and deliver engaging training programs to elevate security awareness among our employees, championing a strong security culture throughout the organization.
Communication & Collaboration: Effectively communicate complex cybersecurity issues, product requirements, and risks to stakeholders and senior management, ensuring alignment with GoHenry's business objectives.
What You'll Bring to the Table:
You're a detail-oriented security professional with a knack for understanding both technical security controls and regulatory compliance in the dynamic world of fintech. You thrive in a fast-paced environment and are passionate about protecting sensitive data.
Experience: Minimum of 4 years in Information Security / GRC, with proven experience in Information Security, Cyber Security, or IT Risk roles.
Risk Management Prowess: Hands-on experience performing formal risk assessments and managing risk registers.
Compliance Guru: Solid working knowledge of major security frameworks and regulatory requirements (e.g., ISO 27001, PCI DSS, SOC2, GDPR).
Technical Acumen: Familiarity with key concepts like secure development lifecycle, cloud security principles (AWS/Azure/GCP), and identity/access management.
Communication Mastery: Exceptional ability to translate complex technical risks into clear, business-focused language for both technical and non-technical audiences.
Bonus Points: Relevant industry certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
Tech Savvy: Hands-on experience with Security tools and Scripting will be a key differentiator.
Why Join GoHenry?
We offer a competitive package and a culture that prioritizes your professional growth, physical, and mental well-being. Here's a glimpse of what's in store:
GoFlex: Embrace work-life balance with our flexible work options – Work from Home, Office, or a mix of both.
Generous Time Off: Enjoy your Birthday off plus 25 days of annual leave, in addition to 8 UK bank holidays.
Continuous Learning: Benefit from an excellent Induction & onboarding program with ongoing learning & development opportunities throughout your career.
Health & Well-being: Choose between Bupa Health Cash Plan or Bupa Private Medical. Comprehensive Physical and Mental Wellbeing support and platforms for you and your family. Death in service – 4x your annual salary from month 1.
Family-Friendly Policies: Enhanced maternity leave – 20 weeks full basic pay after 2 years’ service and 26 weeks full basic pay after 3 years’ service. Paternity leave – 4 weeks full pay after probation.
Financial Perks: Workplace pension plan, Salary Sacrifice options, & great company events local & abroad!
About GoHenry: Empowering the Next Generation
We're on a mission to help every kid be smart with money. Our goal? Create generations of independent, confident young adults, armed with money skills that will set them up for life. We provide young people with the tools they need to master the financial ropes for themselves. They can spend, save, earn, and give with GoHenry's prepaid debit card and app – because learning through doing really works (and it's more fun!). All while our unique built-in controls give parents total peace of mind.
We're Proud To Say...
We ranked #38 in Newsweek's Top 100 Most Loved Workplaces in the UK in 2023.
We’re one of Tech Track’s top 50 fastest-growing UK companies.
We won Finders Kid’s Cards Customer Satisfaction Awards in 2022 and 2023.
We won the Tech for Good award at the Better Society Awards 2023.
Our kids and parents have donated over £500,000 of their own money to NSPCC via their GoHenry accounts.
But we’re still growing, and that’s why we need you.
GoHenry is an equal-opportunity employer, and we’re on a mission to foster a diverse & inclusive workplace. Individuals seeking employment at GoHenry are considered without regard to race, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, physical or mental disability, military or veteran status, or any other characteristic protected by applicable law.