We are currently operating Tandem on a hybrid work from home / work from office arrangement.

Core Details

Working Pattern: Monday to Friday (09:00-17:00)

Salary: £40,000-£50,000 + up to 20% bonus

The role

We’re Tandem, the UK’s fairer, greener, digital bank, providing hard-working people across the UK with sustainable ways to borrow and save.

We have more than 500 people in London, Blackpool, Cardiff, Durham and Manchester, all working together to create a fairer, greener, more accessible bank for people across the UK.

We’re on a mission to proactively help our customers to reduce their carbon footprint and accelerate the UK to net-zero carbon emissions by 2050 and we need more people to help us achieve this goal.

We've taken the beliefs, behaviours, and personality and created four underpinning values. These values demonstrate our guiding principles and behaviours for everyone at Tandem. Our ambition is that these values are ingrained and always front of mind when we're engaging with our stakeholder audiences. Our values are BRAVE, ENTERPRISING, SIMPLE and TOGETHER.

We’re building an amazing team and we’re looking for an ambitious and purpose-driven Information Security Risk and Compliance Analyst to join the team.

Reporting to the Head of Information Security, you will be mostly responsible for leading and managing information security risk and control assessments, information security status assurance initiatives and audits, Policy and Standards document compilation and compliance assessments.

If you’re innovative, curious and not afraid of a challenge, we’d love to hear from you. Your voice, ideas and drive will always find a home at Tandem.

Our team 

You will join a growing Information Security Team, which currently consists of a Head of Information Security, a Security Operations Lead and an Information Security Analyst. This is an exciting time to join the team as they are looking to build a mature security function, following a recent merger of 3 companies. This is a perfect role for a motivated and passionate candidate, and it will also bring varied exposure and opportunities to learn.

What you will be working on:

The successful candidate will be responsible for the following:

  • Assisting to build an Information Security Risk Management & Governance Strategy;
  • Conducting information security risk assessments; working with frameworks such as ISO 27005 where applicable;
  • Identifying and recording controls, and conducting assessments to establish whether risk is mitigated to an acceptable level;
  • Participating in Operational Resilience initiatives and representing Information Security in them;
  • Supporting the Compliance initiatives where Information Security practices/requirements are mandated (e.g. PSD2, PCI DSS, GDPR);
  • Assisting with developing Tandem’s security culture and building security awareness campaigns;
  • Managing Information Security assurance reviews and attestations (e.g. SWIFT CSP, FCA/PRA CQUEST);
  • Drafting and maintaining Information Security Policy and Standards suite;
  • Supporting Internal and External Audits;
  • Establishing an Information Security Reporting Framework and building a reporting cadence for all relevant Committees and Board.

What we're looking for: 

The successful candidate will demonstrate the following experience, skills and behaviours:

Essential:

  • Experience with Risk Management Frameworks or best practice Risk Methodology such as IRAM2 or ISO 27005;
  • Ability to articulate risks in both a technical and business-relevant format;
  • Able to work independently and with teams across the organisation to conduct security risk and compliance assessments and guide the business in implementing good security practices;
  • 2+ years of experience working with Information Security risks and controls;
  • Experience and/or knowledge/understanding of Information Security hardening standards and frameworks (e.g. CIS, NIST, ISO 27001);
  • Strong understanding of cyber security risks and possible threats/vulnerabilities;
  • Good understanding of applicable security controls (Defence in Depth concept);
  • Excellent written and verbal communication skills;

Desirable:

  • Experience within the Finance Sector;
  • Degree or equivalent experience;
  • Broad technical IT background and experience with various cyber security platforms and IT systems (e.g. endpoint security solutions, vulnerability scanning platform, SIEMs);
  • Senior Security Management Certification (e.g. CISM, CISSP) not required, but is welcome.

Qualities we look for:

  • A passion for championing the customer
  • Motivated by purpose-led organisations
  • High levels of personal and professional integrity
  • Ability to operate both at a strategic level and to be hands-on
  • A positive, self-sufficient leader with excellent communication skills, intellect and energy
  • Very sound judgement and business instinct with a desire to challenge traditional thinking
  • Highly organised with a flexible approach to working
  • Communicates a compelling and inspired vision and sense of core purpose
  • Determined to succeed, high energy with humility and a strong personal drive
  • A collaborative working style
  • A very strong work ethic and a focus on delivery

You can find our Applicant Privacy Policy here.

Tandem Money is an equal opportunity employer and is committed to meeting its responsibilities under the Equality Act (2010). We respect the diverse experience and talents that every individual brings to our Company and we are determined to ensure that no applicant or employee receives less favourable treatment on the grounds of gender, age, disability, religion, belief, sexual orientation, marital status, or race, or is disadvantaged by conditions or requirements which cannot be shown to be justifiable.

Please be aware that background checking (including credit and criminal records checks) forms part of our recruitment process. We will adhere to our duties under the Rehabilitation of Offenders Act 1974.

Our mission is to build a business of the future, that improves people's financial lives.

No agencies please.
