Senior Third Party Risk Analyst

InfoSec · London, London, City of
Department InfoSec
Employment Type Full-Time
Minimum Experience Experienced

About Uphold

Uphold is an easy-to-use investments and payments app. Specialising in digital assets, we serve more than 7 million customers in 150 countries. We open around 15,000 accounts a day and provide consumers with a more versatile and cost-effective home for their daily financial lives. For businesses, we provide regulated infrastructure to connect crypto with fiat currencies. Today, we support 51 digital assets, 28 national currencies, four precious metals and fractional U.S. equities. 


Uphold’s unique trading experience - ‘Anything-to-Anything’ - allows customers to trade directly between any supported asset or currency in one step - physical gold to Bitcoin, for example - saving both time and money. Uphold supports financial inclusion by enabling customers virtually anywhere to open an account in less than 5 minutes and to invest with no minimum amounts. Customers can send money to virtually anyone with an email address free of charge. 


To learn more, please visit https://uphold.com

 

The opportunity 

Uphold is looking for a Senior Third Party Risk Analyst to join our Information Security team. This is an incredibly exciting opportunity where you’ll get to provide expert cyber security support for the Uphold team and its customers.


This role will report to the CISO, making sure that our suppliers are subject to the same high standards we are. The successful candidate will maintain a program to categorise vendors and suppliers based on their impact to the Confidentiality, Availability and Data Integrity needs of the business. Ensuring clear policy, procedure and auditability are at the core of our TPRM efforts.


The role will ensure the supplier inventory is maintained to a high standard, working with Risk and Security to orchestrate appropriate and ongoing assessment of our partners. They will be ready to perform an assessment of prospective vendors and provide timely responses to enquiry.


By definition, this person will be working inside as well as with outside parties and will need to manage their workload in a way that aligns with business risk appetite. They will create risk findings for sub-par suppliers, providing context to risk-inform the business and work with all stakeholders to resolve the issue.


What you’ll be doing primarily:

Lifecycle Management

  • Contribute to any third party activities (Onboarding, Due Diligence, Monitoring, Off-boarding)
  • Drive continuous evolution of all third party risk management processes
  • Be a key point of contact and report to various committees on key matters related to the third party risk management function
  • Lead projects related to the third party risk management programme
  • Work with legal, to ensure IT Security and Privacy requirements are upto date and added to new engagements


Constant Improvement

  • Deliver the day to day Third Party Risk Management Program; finding efficiencies, using tools and designing protocols for relationship owners to use and engage with the program
  • Conduct scheduled reassessment of Vendors on a periodic basis, ensuring you are aware how the business uses the vendor and therefore how to categorize them
  • Establish and drive best practice processes, ensure you are guided by the evolving risk and regulatory landscape
  • Deliver fully compliant end to end processes relating to Uphold regulatory obligations
  • Deliver onsite assessment of some critical third parties where necessary
  • Register risks when third parties fail to engage, or have insufficient controls
  • Risk-inform the relevant business group and ensure reporting across the Uphold third party estate is timely and accurate


Required qualifications:

  • 5+ years of experience supporting a TPRM function in a fast-paced environment (Banking, Tech, Retail, FMCG)
  • Experience working with Banking Entities and understanding of compliance requirements with Banking regulations
  • Relevant industry qualifications (e.g. MCIPS)
  • Fundamental knowledge of EBA Guidelines and CP30/19 preferred
  • Project management skills
  • Bachelor’s degree
  • Excellent written and oral communication skills
  • Team player with ability to work autonomously
  • Ability to prioritise work as required
  • Fluent written and oral English skills.


Bonus if you have:

  • Fluency in cryptocurrencies or other digital assets as they are core to our business.
  • Community talks, certifications, and/or blog posts on your interests and research.
  • Open source project contributions of any kind, such as tools developed to solve specific problems you’ve had or fixing issues on existing projects.


Importantly, if you’re looking for a senior role with us, you will have achieved many of the things above while also providing mentorship to others, and have engaged in public speaking opportunities.


What we have to offer you:

  • An amazing work environment in a company that continues to grow, driven by extraordinary and passionate people that keep up innovating and challenging more each day.
  • An international team, in a cutting edge field, working on the most fascinating projects.
  • Growth and career opportunities, and the chance to be proactive and creative.
  • A flexible and enthusiastic work environment that offers you snacks, a lot of coffee and other great benefits.
  • Open and transparent culture - we get together on a weekly basis to share updates, strategic plans, and engage with each other informally over food and drinks.
  • Interesting events that keep you connected with the team and celebrate our success.


Be part of a great company that is revolutionizing the financial services. Apply now {insert the link to the job opening in BambooHR}!


If this job isn’t exactly what you are looking for, visit our careers page to check out all our exciting opportunities.  


EEOC Employer

We're proud to be an Equal Opportunity Employer and we celebrate our employees' differences, including race, color, religion, gender identity, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, and any other protected classes. Difference makes us stronger and better - together.

Thank You

Your application was submitted successfully.

  • Location
    London, London, City of
  • Department
    InfoSec
  • Employment Type
    Full-Time
  • Minimum Experience
    Experienced