Security Analyst

Job Description
Deriv (Europe) Ltd in Malta is looking to recruit a Security Analyst to join their team on a full-time basis. 

As a Senior Security Analyst, you'll make online trading secure for Deriv's clients at all times. We are an online trading company with a fleet of 150+ servers and a growing client base of 2 million who depend on us to secure their funds and data. In your role as a DevSecOps expert, you'll be instrumental in developing and implementing security policies, processes, and controls to protect our systems and network. With your experience in outlining and assessing regulatory, statutory, and security requirements, you’ll be elemental in helping us defend against security threats.

Your challenges:

• Validate adherence with security and compliance requirements by checking documented processes and standards to prevent security failures and reduce information security risks.
• Manage company-wide compliance across diverse security frameworks, including NIST and PCI, and maintain a record of Deriv’s regulatory requirements and corresponding mitigating controls.
• Champion security aspects in IT projects and ensure all necessary policies and risk issues are addressed throughout the project life cycle.
• Conduct security reviews, internal risk, and compliance assessments, monitor third-party risk assessments, and support third-party audits when acquiring new licenses.
• Develop the key performance metrics to track and ensure compliance with the processes, procedures, and security controls.

Our team:
We are the Information Security team. We’re the first line of defense against hackers and security flaws that may impact our trading operations and global client base. We manage threats and potential security risks through smart strategies, airtight policies, meticulous communication, and technical execution.

Requirements:

• Degree in IT or a relevant field, or equivalent work experience
• 6+ years of relevant experience in maintaining security policies, conducting security control assessments or audits
• In-depth understanding of how compliance works with cloud-native technology stacks
• Good knowledge of compliance and regulations
• Experience in common information security frameworks such as NIST, FISMA, CIS, GDPR, and ISO 2700x series
• Ability to work both independently and with multiple teams
• Good interpersonal skills
• Fluency in spoken and written English
   

What’s good to have:

• Strong CMMI skills
• Industry certifications such as CISA, CISM, CRISC, CISSP, ISAAP, and AWS Solutions Architect are highly desired
• Certification of AWS Certified Solutions Architect – Associate

Benefits:

• Market-based salary
• Annual performance bonus
• Health benefits
• Casual dress code
• Travel and internet allowances.