Senior Information Security Analyst

You will need to login before you can apply for a job.

Senior Information Security Analyst

Runa is pioneering a first-of-its-kind payment rail that enables the seamless, global money movement at scale. Legacy banking and payment infrastructure struggles to support the demands of today's low-volume, high-velocity payouts, leading to inefficiencies in global payouts. Businesses worldwide send over $20 trillion annually in rewards, remittances, and disbursements often incurring costs of up to 50% per transaction and subjecting recipients to lengthy delays.

Runa transforms this landscape by providing a new digital payments infrastructure that empowers businesses to send digital money instantly and cost-free to anyone, anywhere. The Runa API empowers thousands of businesses to make payments to 5 billion+ consumers in 190+ countries instantly to cards, wallets, bank accounts and gift cards. Leading companies such as Sodexo, TopCashback, Perkbox, Sweatcoin, Coinbase, and Globetopper rely on Runa to facilitate instant, flexible global payouts to tens of millions of consumers.

The Role

The Senior Information Security Analyst ensures security controls, policies, and processes are embedded across the organisation. You will enhance cybersecurity by implementing strategies, analysing breaches, and ensuring compliance. This role is key in guiding engineering teams on application security and integrating security best practices across our technology stack.

What Excites You

• Help build world-class security practices and controls within a high-growth financial technology business shaping the future of payments.
• Conduct vulnerability assessments, lead external penetration testing, and risk analysis to identify weaknesses in applications, systems, and networks.
• Develop and maintain security policies, processes, procedures, and documentation.
• Champion security by design and lead threat modelling across our products.
• Drive incident response planning and execution in collaboration with key stakeholders.
• Partner with Engineering, IT, and business teams to implement and enhance security measures.
• Work cross-functionally with engineers, designers, and commercial teams to support secure product development.
• Monitor, analyse, and respond to security events using advanced tools and techniques.
• Ensure compliance with regulatory frameworks such as GDPR, ISO 27001, CCPA and other relevant frameworks.

What Excites Us

• Experience in the Information and Cyber Security space with a focus on GRC, ideally within a high growth technology business.
• A breadth of experience across cloud & application security, infrastructure & network security especially AWS. Good understanding of AWS serverless security controls.
• Good understanding of software development processes.
• Experience with ISO 27001 or SOC 2 implementations and maintenance.
• Knowledge of payment security standards (PCI DSS).
• Awareness of the security threat landscape.
• Good attention to detail and outstanding communication skills.
• Self-starter and strong problem-solving abilities.
• Security/DevSecOps tooling experience are advantages.

It's not essential, but we would love to hear about if you have experience with / certifications in:

• Cyber Security tools
• ISO 27001 Lead Implementer/Auditor
• CISSP, CEH, CISM, CRISC or AWS

What's in it for you

We have a hybrid structure with the requirement of 1-2 days a week at our London Office (Shoreditch)

£1,000 annual L&D allowance to invest in mastering your craft, including accredited studies. Plus 5 L&D days per year

25 days holiday + public holidays

Runa Reset Days - Runa closes on the first Friday of each quarter for a well-deserved, Reset Day

Summer Hours - In the month of August, we log off at 3pm on Fridays.

Work from anywhere for up to 45 calendar days a year

Participation in the Employee Options pool giving you ownership in Runa

Private Medical + Dental Health Insurance with Bupa

Enhanced parental leave for all new parents, up to 16 weeks full pay

We are currently working towards salary transparency however we are not there just yet so our talent team will discuss this during the initial call to ensure that the right expectations are given.

The Interview Process

• Call with Talent Partner
• Hiring Manager Interview
• Technical Interview
• Values Interview

Want to learn more about life at Runa and our hiring process? Visit our Candidate Hub: https://runahq.notion.site/runa-candidate-hub

Diversity and Inclusion

We are committed to providing a hiring and working experience in which all people feel they are equally respected and valued regardless of race, religion, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Create a job alert and receive personalised job recommendations straight to your inbox.