Senior Information Security Analyst
Senior Information Security Analyst
Runa is pioneering a first-of-its-kind payment rail that enables the seamless, global money movement at scale. Legacy banking and payment infrastructure struggles to support the demands of today's low-volume, high-velocity payouts, leading to inefficiencies in global payouts. Businesses worldwide send over $20 trillion annually in rewards, remittances, and disbursements often incurring costs of up to 50% per transaction and subjecting recipients to lengthy delays.
Runa transforms this landscape by providing a new digital payments infrastructure that empowers businesses to send digital money instantly and cost-free to anyone, anywhere. The Runa API empowers thousands of businesses to make payments to 5 billion+ consumers in 190+ countries instantly to cards, wallets, bank accounts and gift cards. Leading companies such as Sodexo, TopCashback, Perkbox, Sweatcoin, Coinbase, and Globetopper rely on Runa to facilitate instant, flexible global payouts to tens of millions of consumers.
The Role
The Senior Information Security Analyst ensures security controls, policies, and processes are embedded across the organisation. You will enhance cybersecurity by implementing strategies, analysing breaches, and ensuring compliance. This role is key in guiding engineering teams on application security and integrating security best practices across our technology stack.
What Excites You
Help build world-class security practices and controls within a high-growth financial technology business shaping the future of payments.
Conduct vulnerability assessments, lead external penetration testing, and risk analysis to identify weaknesses in applications, systems, and networks.
Develop and maintain security policies, processes, procedures, and documentation.
Champion security by design and lead threat modelling across our products.
Drive incident response planning and execution in collaboration with key stakeholders.
Partner with Engineering, IT, and business teams to implement and enhance security measures.
Work cross-functionally with engineers, designers, and commercial teams to support secure product development.
Monitor, analyse, and respond to security events using advanced tools and techniques.
Ensure compliance with regulatory frameworks such as GDPR, ISO 27001, CCPA and other relevant frameworks.
What Excites Us
Experience in the Information and Cyber Security space with a focus on GRC, ideally within a high growth technology business.
A breadth of experience across cloud & application security, infrastructure & network security especially AWS. Good understanding of AWS serverless security controls.
Good understanding of software development processes.
Experience with ISO 27001 or SOC 2 implementations and maintenance.
Knowledge of payment security standards (PCI DSS).
Awareness of the security threat landscape.
Good attention to detail and outstanding communication skills.
Self-starter and strong problem-solving abilities.
Security/DevSecOps tooling experience are advantages.
It’s not essential, but we would love to hear about if you have experience with / certifications in:
Cyber Security tools
ISO 27001 Lead Implementer/Auditor
CISSP, CEH, CISM, CRISC or AWS
What’s in it for you
We have a hybrid structure with the requirement of 1-2 days a week at our London Office (Shoreditch)
£1,000 annual L&D allowance to invest in mastering your craft, including accredited studies. Plus 5 L&D days per year
25 days holiday + public holidays
Runa Reset Days - Runa closes on the first Friday of each quarter for a well-deserved, Reset Day
☀️ Summer Hours - In the month of August, we log off at 3pm on Fridays.
️ Work from anywhere for up to 45 calendar days a year
Participation in the Employee Options pool giving you ownership in Runa
Private Medical + Dental Health Insurance with Bupa
Enhanced parental leave for all new parents, up to 16 weeks full pay
We are currently working towards salary transparency however we are not there just yet so our talent team will discuss this during the initial call to ensure that the right expectations are given.
The Interview Process
Call with Talent Partner ☎️
Hiring Manager Interview
Technical Interview
Values Interview
Want to learn more about life at Runa and our hiring process? Visit our Candidate Hub: https://runahq.notion.site/runa-candidate-hub
Diversity and Inclusion
We are committed to providing a hiring and working experience in which all people feel they are equally respected and valued regardless of race, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Apply to this Job