Information Security Risk Specialist

Job Description

About Tide At Tide, we are building a business management platform designed to save small businesses time and money. We provide our members with business accounts and related banking services, but also a comprehensive set of connected administrative solutions from invoicing to accounting. Launched in 2017, Tide is now used by over 1 million small businesses across the world and is available to UK, Indian and German SMEs. Headquartered in central London, with offices in Sofia, Hyderabad, Delhi, Berlin and Belgrade, Tide employs over 2,000 employees. Tide is rapidly growing, expanding into new products and markets and always looking for passionate and driven people. Join us in our mission to empower small businesses and help them save time and money. About The Team The Information Security Risk team is a 2nd line of defence (2LOD) team that manages Tide’s information security governance, risk & compliance programme. As part of the wider Risk & Compliance team, the Infosec Risk team works closely with 1LOD control owners such as the Infosec, IT and Cloud teams, in order to ensure continued compliance and risk management. About The Role As Information Security Risk Specialist you’ll be: Driving and leading specific aspects of information security risk management in line with Tide’s global Risk Management Framework. Managing designated areas within Tide’s Information Security Management System (ISMS). Collaborating with business stakeholders (1LOD) to deliver risk mitigation activities. Ensuring alignment with industry standards like ISO 27001, PCI DSS, and NIST CSF. Conducting information security risk assessments and control oversight. Defining and tracking key risk indicators and ISMS performance metrics. Contributing to the creation of GRC reports for senior management. Supporting external audits and working with teams (1LOD and 3LOD) to address information security audit findings. Reinforcing a strong security culture within the business through various initiatives. Staying abreast of applicable regulatory requirements and new compliance developments. What We Are Looking For We're seeking a proactive individual with a strong understanding of information security risk, and a desire to contribute to our risk reduction and continuous improvement efforts. You'll join a dedicated team of GRC specialists who work across the business to identify and manage risk at Tide. The ideal candidate will have: 4-7 years of experience in an information security or GRC-related role. Experience leading or significantly contributing to projects and collaborating with different teams. Good communication and interpersonal skills. Some experience in a financially regulated environment is a plus, especially in technology-driven or scale-up settings. A solid understanding of information security principles and concepts. Familiarity with information security controls in a modern corporate environment. Experience contributing to or supporting an ISMS in accordance with ISO 27001. Familiarity with common security and GRC tooling. What You’ll Get In Return Our location-specific employee benefits are designed to cater to the unique needs of Tideans: Self & Family Health Insurance Term & Life Insurance OPD Benefits Mental wellbeing through Plumm Learning & Development Budget WFH Setup allowance 15 days of Privilege leaves 12 days of Casual leaves 12 days of Sick leaves 3 paid days off for volunteering or L&D activities Stock Options TIDEAN WAYS OF WORKING At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams. While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community. TIDE IS A PLACE FOR EVERYONE At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives. We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard. At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard. You personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice .