Information Security Risk Manager

ABOUT TIDE

At Tide, we are building a business management  platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting.

Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2,000 employees.

Tide is rapidly growing, expanding into new products and markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money.

ABOUT THE TEAM

The Information Security Risk team is a 2nd line of defence (2LOD) team that manages Tide’s information security governance, risk & compliance programme. As part of the wider Risk & Compliance team, the Infosec Risk team works closely with 1LOD control owners such as the Infosec, IT and Cloud teams, in order to ensure continued compliance and risk management.

ABOUT THE ROLE

As Information Security Risk Manager you’ll be:

• Managing information security risk in accordance with Tide’s global Risk Management Framework.
• Managing Tide’s Information Security Management System (ISMS).
• Working with 1LOD stakeholders across the business in order to deliver risk mitigation initiatives
• Ensuring alignment with industry recognised information security control frameworks and standards, such as ISO 27001, PCI DSS, NIST CSF.
• Conducting information security risk assessments and control oversight.
• Defining and measuring key risk indicators and ISMS performance metrics.
• Creating data driven GRC reporting and delivering to senior management.
• Facilitating external audit requirements, and working with stakeholders across 1LOD and 3LOD to close information security audit findings.
• Reinforcing a strong security culture throughout the business.
• Ensuring Tide’s compliance with applicable regulatory requirements, and keeping abreast of new regulatory and compliance developments.

WHAT WE ARE LOOKING FOR

We are looking for an information security expert with a great eye for information security risk reduction and continual improvement opportunities. You’ll join an ambitious team of highly motivated GRC specialists, who interface with all areas of the business in order to identify and manage risk at Tidel. The ideal candidate will have:

• At least 7 years experience in an information security GRC role .
• Experience managing and leading cross-functional projects.
• Excellent communication and stakeholder management skills.
• Experience in a financially regulated environment – preferably in technology-driven & scale-up environments or consulting & audit environments.
• Good technical knowledge in the field of information security.
• Experience oversighting information security controls in a modern corporate environment (cloud-based, infrastructure-as-code, zero trust).
• Experience implementing and/or managing an ISMS in accordance with ISO 27001:2022.
• Familiarity with common security and GRC tooling.

WHAT YOU’LL GET IN RETURN

Our location-specific employee benefits are designed to cater to the unique needs of Tideans: 

• Self & Family Health Insurance
• Term & Life Insurance
• OPD Benefits
• Mental wellbeing through Plumm
• Learning & Development Budget
• WFH Setup allowance
• 15 days of Privilege leaves
• 12 days of Casual leaves
• 12 days of Sick leaves
• 3 paid days off for volunteering or L&D activities
• Stock Options

TIDEAN WAYS OF WORKING

At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams. 

While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community. 

#LI-AC1 #LI-Hybrid

TIDE IS A PLACE FOR EVERYONE

At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives. 

We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.

At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard.

You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice.