
Information Security Analyst
Roman Health Pharmacy LLC, Berlin, CT, United States
The Purpose
The payments ecosystem is evolving quickly and PPRO is at the heart of this transformation, with trust and security enabling us to move fast, safely. We’re looking for an Information Security Analyst to help us evolve what great Governance, Risk, and Compliance (GRC) looks like in a modern, API‑first global payments company.
You’ll help us build a living, breathing system of trust based on streamlined automation and continuous compliance. If you have a passion for ISO frameworks, an innovative, problem‑solving mindset and a drive to automate, simplify and challenge the status quo, you’ll thrive in this role.
What you’ll do
Evolve the Information Security Management System (ISMS): support and continuously improve PPRO’s Information Security Management System, aligned to ISO/IEC 27001:2022. You’ll independently manage our ISMS to ensure it stays relevant, practical and scales with our growth.
Audit & assurance innovation: play a key role in the ISO certification lifecycle, proactively finding ways to integrate continuous control monitoring and automated assurance, leveraging tools like Vanta.
Embed native security: collaborate cross‑functionally with Engineering and Product teams, working to embed controls seamlessly into daily workflows.
Proactive risk management: actively identify risks, maintain the risk register and drive meaningful risk treatment. You’ll connect your day‑to‑day work with PPRO’s overall strategy, focusing on the effectiveness of controls rather than checkbox compliance.
Customer‑centric due diligence: support vendor security reviews and customer due diligence, continually considering the customer’s perspective in your decision‑making, helping to build trust both internally and externally.
Modernise security awareness: design and deliver engaging, data‑informed security education and awareness campaigns that change behaviour and cultivate a proactive, security‑first culture across PPRO.
Champion continuous improvement: continuously challenge the status quo, suggest innovative ideas for automation and experiment with new technologies (including AI) to enhance risk insight and evidence collection.
What makes you a great fit
Core experience: solid, hands‑on experience supporting or running an ISMS aligned to ISO/IEC 27001:2022, with practical exposure to audits, risk management and control testing.
Engineering mindset: look at manual, repetitive compliance tasks and immediately think about how to automate or streamline them. Familiarity with automation platforms, scripting, or tools like Vanta is a plus.
Exceptional ownership: approach work with a commitment to excellence. Manage time effectively, anticipate issues before they arise and decide independently how to approach task‑related challenges.
Nuanced communication: adapt communication style to engage different stakeholders, translate complex security concepts into actionable, pragmatic insights for developers and business leaders alike, and build empathy and shared understanding.
Curiosity and adaptability: enthusiastic about acquiring new skills and happy to step out of your comfort zone and adjust ways of working to accommodate team needs in a dynamic environment.
Business acumen: understand the fintech/payments market and competitors, balancing security risks with business reality and speed.
What's in it for you?
Hybrid working
– We offer a hybrid structure with an expectation of 3 days per week on site, so you can strike a balance between office and home working. In addition to our 30‑day holiday allowance, we also provide a work‑from‑abroad policy, enabling employees to work remotely for up to another 30 days per year.
Learning and Development
– We offer a €1,000 annual budget to support your professional growth, and provide leadership cafés, on‑the‑job training, and other opportunities to help you grow your skills and thrive in your role.
Insurance
– We provide various insurances including accident insurance, disability insurance, direct insurance (bAV) and travel insurance.
Gym membership
– PPRO helps contribute toward the costs of your gym membership.
Enhanced family leave
– Offer to support you during key life moments.
Mental Health Platform
– Provide one‑on‑one therapy, chat therapy, therapist‑led courses, guided meditations, and more.
Pet‑friendly office
– Work with your companions by your side.