Systems and IAM Analyst

InfoSec · London, London, City of
Department InfoSec
Employment Type Full-Time
Minimum Experience Mid-level

About Uphold

One of the fastest-growing fintech companies, Uphold is pursuing a mission to democratise investments and payments for people and companies worldwide. Founded in 2014, the Silicon Valley firm today has more than 3 million customers in over 150 countries and has enjoyed more than 2MM Mobile App downloads during the first quarter of 2020. A bridge between old and new money systems, Uphold allows people to buy, exchange and send more than 100 cryptocurrencies, precious metals, equities, and currencies instantly. An engineering-led company, Uphold provides a stimulating and challenging home for the brightest and best coding talent.


We stand by the idea that ‘source code is a liability, not an asset’, so we do our best to keep things simple, readable and less complex to manage.

We work collaboratively with a shared code ownership mindset to design and implement complex technical projects, balancing speed with quality, learning from our past mistakes, and allowing everyone time to take the challenge they see fit. 


If you’re a Rockstar and this sounds interesting and challenging, we want to hear from you. Apply here!


The opportunity: 

Uphold is looking for a Systems and IAM Analyst to join our Information Security team. This is an incredibly exciting opportunity where you’ll get to provide expert cyber security support for the Uphold team and its customers.


This role will report to the CISO, making sure our IAM solutions are running at maximum efficiency and the organisation is kept secure and in compliance.

This hands-on role will own the Identity and Access management function and will be responsible for both assessment, recommendation and some day to day operations of a mostly G-Suite heterogeneous environment.


The successful candidate will be enthusiastic to learn with a technical background, preferably in a support or consulting role. Previous knowledge of IAM is necessary. The candidate will receive training and opportunities to gain professional certifications. In addition to a competitive market rate salary, there would be real scope for career progression and expanding your skillset.


What you’ll be doing primarily:

RBAC 

  • Assess, review and (re)build role-based access profiles across the business, along with a process for managers to petition for changes
  • Publish access profiles for roles in an internal wiki and maintain version control across time
  • Review current systems access on a regular basis, finding deltas with known norms and assessing role profiles as and when needed


Identity 

  • Review, research and assess Upholds identity platform for weaknesses, improvements and possible integration opportunities to improve the identity management stance of the firm
  • Create, publish and maintain access wiki’s so that staff have a clear idea how access should be used
  • Be the company identity owner, answering questions and proselytizing whenever possible about the virtues of a healthy access management stance


Access

  • Ensure that access is granted, changed and revoked in line with the company’s policies, as they evolve
  • Write quarterly reports on the state of access within the firm, to be presented to Senior management
  • Support the business by being the IAM specialist and go-to person for questions and advice


Compliance

  • Maintain a systems register, cataloguing owner, data storage and access profiles
  • Implement rigid change control, as it relates to Identity and Access across the business
  • Perform regular, as well as random, access reviews across the firm from the analyst to the president
  • Assist in ongoing ISO27001 and SOC2 assessments


Exceptions

  • Deal with non-standard requests and suggestions with a considered appraisal and profile thoughtful solutions using the multifarious tools available to you.


Protection

Be aware of all the systems used in the company, be they internally built or SAAS deployed 

  • Monitor IAM system health, look for indications of Phishing and other attacks
    • Investigate using available tools and log incidents in the company Incident Response Platform
    • Perform log analysis during security related events, identifying and ensuring that critical events and alerts are escalated
    • Directly communicate with Google, learning the system and its specifications
  • Think of ways that access to them can be subverted by internal and external adversaries
  • Recommend tools to spot anomalies within our identity systems


Required qualifications:

  • Previous experience with Identity and Access Management solutions, working in support or consulting roles
  • Project management skills
  • System design experience
  • Bachelor’s degree in Engineering, Computer Science or equivalent work experience
  • Excellent written and oral communication skills
  • Strong troubleshooting and problem-solving skills
  • Team player with ability to work autonomously
  • Ability to prioritise work as required
  • Ability to be ‘on call’ if needed
  • Fluent written and oral English skills


Bonus if you have:

  • Fluency in cryptocurrencies or other digital assets as they are core to our business.
  • Community talks, certifications, and/or blog posts on your interests and research.


Importantly, if you’re looking for a senior role with us, you will have achieved many of the things above while also providing mentorship to others, and have engaged in public speaking opportunities.


What we have to offer you:

  • An amazing work environment in a company that continues to grow, driven by extraordinary and passionate people that keep up innovating and challenging more each day.
  • An international team, in a cutting edge field, working on the most fascinating projects.
  • Growth and career opportunities, and the chance to be proactive and creative.
  • A flexible and enthusiastic work environment that offers great benefits.
  • Open and transparent culture - we get together on a weekly basis to share updates, strategic plans, and engage with each other informally.
  • Interesting events that keep you connected with the team and celebrate our success.


Be part of a great company that is revolutionizing the financial services. Apply now!


If this job isn’t exactly what you are looking for, visit our careers page to check out all our exciting opportunities.  


EEOC Employer

We're proud to be an Equal Opportunity Employer and we celebrate our employees' differences, including race, color, religion, gender identity, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, and any other protected classes. Difference makes us stronger and better - together.



Thank You

Your application was submitted successfully.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

  • Location
    London, London, City of
  • Department
    InfoSec
  • Employment Type
    Full-Time
  • Minimum Experience
    Mid-level