Career Opportunities: Security Compliance Analyst

GTN is a fintech pioneer with decades of success, holding broker-dealer and capital markets services licenses in multiple jurisdictions through its subsidiaries. We are committed to empowering brokers, banks, asset managers, and fintech with scalable and innovative investment and trading solutions that enable access to a comprehensive network of global markets and multiple asset classes, making investment and trading accessible for all. GTN's investment and trading solutions offer seamless integration with the existing services of regulated financial firms and fintech via our co-branded front-ends or versatile API suite. The GTN API suite, inspired by embedded finance, provides the adaptability to develop bespoke trading/investment applications or incorporate GTN features into existing platforms, enhancing their value proposition. In addition, our comprehensive global trading ecosystem includes best-in-class execution, custody, and post-trade solutions. Headquartered in Dubai, GTN brings together a diverse team of over 300 talented individuals spread across Dubai, Singapore, Hong Kong, South Africa, Sri Lanka, the UK, and the US, united by a shared passion and purpose: empowering clients and transforming the accessibility to investment and trading opportunities to all. Our Sri Lanka office is our tech hub and is at the core of what we do: Here we research, develop, text and launch scalable features for our B2B and B2B2C trading and investment technology. We are backed by strategic investors like the IFC, a member of the World Bank Group, and SBI Ventures Singapore Pte. Ltd., a group company of SBI Holdings, Inc., one of the largest financial services firms listed on the Tokyo Stock Exchange. To learn more, visit www.gtngroup.com or connect on LinkedIn What you will be doing: Maintain information security, privacy, and cybersecurity framework for cloud computing and continuous control monitoring activities. Research information security and privacy compliance frameworks ( such as ISO 27XXX, NIST, CSA CCM) and identify gaps in the current platforms Research data laws and financial regulatory guidelines for technical compliances to identify gaps in the current platforms Drive and coordinate the implementation of compliance initiatives (new controls, security processes, etc.) Draft, implement, and maintain internal and external guidelines, procedures, and other documentation related to security compliance Educate other teams on compliance workflows and processes and conduct awareness training Support internal and external audits, conducting security test plans and assessments as needed (you will review people, processes, and technologies for security posture improvements) Maintain and improve customer-facing documentation related to security compliance and maintain GTN Trust Center portal Support customer due diligence security questioners and continuously improve security assurance programs as a journey.  Job requirements: 2 - 3 years of experience in information security Governance, Risk and Compliance (GRC) implementations and gap assessments Good understanding of architecture aspects of information security Working experience with regulations/standards such as GDPR, ISO 27001/2, Cyber Essentials, etc. Excellent technical documentation writing skills and experience with tools, i.e., SharePoint and Jira, etc. Demonstrated experience with security control frameworks such ISO 27xxx, NIST, or similar (experience in SaaS industry preferred) Working understanding of how security compliance works Experience documenting and implementing security policies and procedures Demonstrated good cross-functional collaboration and project management skills Academic Qualifications: Bachelor’s degree in a relevant field (Computer Science, Software engineering, or Security) OR an equivalent combination of education, training, and experience ISO 27001 Lead Auditor/Implementer certification Soft Skills: A desire to learn, excellent personality skills, and the right attitude are mandatory Must be passionate about security compliance, data privacy, and continuing education outside of work and mentoring others Superb communication skills and a passion for helping others Excellent analytical and problem-solving skills. The ability to work both independently and in a diverse team is critical.