Our Commitment to DE&I
At Moneybox, we promote, support and celebrate inclusion, diversity and equity for all, so that everyone can bring their full selves to work. We believe that diversity drives innovation, and that if our team is representative of our community of customers, we can better support their needs. To ensure our recruitment processes provide an equal opportunity for all applicants to succeed, we encourage you to let us know if there are any adjustments that we can make. We are open-minded and always willing to go the extra mile to ensure all applicants can present their full self and potential
About Moneybox
Moneybox is the award-winning app that helps you turn your money into something greater. We’ve brought saving, investing, home-buying, and retirement services all together into one simple app, so it’s easier than ever to achieve your goals and build wealth, whatever your starting point.
Job Brief
Moneybox is growing and maturing as a technology-led financial services business, all whilst the cyber threat landscape is constantly evolving. This role will be helping to implement and maintain a second line of defence Information Security function delivering across the breadth of the business. You will be able to combine technical expertise with strong personal qualities to effectively protect our information assets.
The role will suit an ambitious analyst who wants to drive and improve processes, take ownership, and champion security across the business.
What you’ll do
- Uphold and enforce information security standards and policies, serving as a primary resource for internal stakeholders championing all things Information Security across the business.
- Assist Moneybox in achieving and maintaining industry-recognised certifications such as Cyber Essentials, NIST CSF, and, eventually, ISO 27001.
- Identify and manage risks in accordance with the enterprise-wide risk framework to ensure the triage, review, and ongoing management of information security risks.
- Conduct third-party due diligence to ensure Moneybox’s standards are upheld throughout our supply chain.
- Collaborate with Workplace Technology on vulnerability management, build reviews, user access reviews, and security controls to ensure the cybersecurity of our IT systems.
- Maintain the Information Asset Register and other trackers to stay current on documentation and evidence of controls.
- Triage and respond to information security incidents (e.g., phishing, lost laptops, DLP alerts) to maintain Moneybox’s resilience against threats.
- Act as a deputy for the Information Security Manager when necessary.
- Collect information for governance meetings, attending and presenting as required.
- Gather and disseminate actionable threat intelligence to keep information security current with new developments.
- Develop and implement information security training and awareness initiatives to educate employees.
- Operationalise and document new security processes as they are developed.
- Provide information security input for Data Protection risk assessments.
- Support compliance with regulatory requirements such as REP018, EBA Guidelines, and UK GDPR.
Who you are
- A driven, ambitious individual who’s looking to build their career at an exciting fast-growing company.
- A professionally inquisitive problem solver looking to enable the business to succeed without a heavy handed approach.
- Able to adjust to new technologies, evolving threats, and changing regulations, remaining focused and effective during security incidents.
- Naturally personable, great communicator who has a passion for their work and the people they work with
- Excited about being part of a fast-growing company that’s trying to make a positive mark on the world
- Knows have to have fun whilst maintaining a professional outlook
Experience and skills
- Experience in information security management: This includes familiarity with industry-standard frameworks like NIST CSF, ISO 27001, or SOC2,
- Knowledge of risk management methods and third party risk management (TPRM)
- Practical knowledge of security technologies: The candidate should be comfortable with tools like Anti-Malware Solutions, DLP, Identity and Access Management, SIEM, and cloud technologies.
- Understanding of financial services and their regulatory environment: to align security measures with industry-specific requirements.
- Knowledge of the Software Development Lifecycle (SDLC): to help integrate security practices into the development process.
- Understanding of Data Protection/Privacy and ICO regulatory requirements: to help signpost the business towards the data protection team.
- Excellent communication and collaboration skills: The analyst must be able to clearly convey technical information to various stakeholders and work effectively across teams.
What’s in it for you?
- Opportunity to join a fast-growing, award-winning and super ambitious business.
- Work with a friendly team of highly motivated individuals.
- Be in an environment where you are listened to and can actually have an impact.
- Thriving collaborative and inclusive company culture.
- Competitive remuneration package.
- Company shares
- Company pension scheme
- Hybrid working environment
- Home office furniture allowance
- Personal Annual Learning and Development budget
- Private Medical Insurance
- Health Cash Plan (cashback on visits to the dentist & opticians etc)
- Cycle to work scheme
- Gympass subscription to a variety of gyms and wellbeing apps
- Enhanced parental pay & leave
- 25 days holiday + bank holidays with additional days added with length of service.
This is a hybrid role. Our office is in London, by the Oxo Tower
Visa Sponsorship:
At this time we cannot offer visa sponsorship for this role and we cannot consider overseas applications.
Working Policy:
We have a hybrid policy that includes 2 days from our London office and 3 from home. If the role states it is either hybrid or remote candidates must be based within the UK.
At Moneybox, we promote, support and celebrate inclusion, diversity and equity for all, so that everyone can bring their full selves to work. We believe that diversity drives innovation, and that if our team is representative of our community of customers, we can better support their needs. To ensure our recruitment processes provide an equal opportunity for all applicants to succeed, we encourage you to let us know if there are any adjustments that we can make. We are open-minded and always willing to go the extra mile to ensure all applicants can present their full self and potential
Please read before you apply!
By sending us your application you acknowledge and agree to Moneybox using your personal data as described below.
We collect applicants’ personal data to manage our recruitment related activities. Consequently, we may use your personal data to evaluate your application, to select and shortlist applicants, to set up and conduct interviews and tests, to evaluate and assess the results, and as is otherwise needed in the recruitment process generally.
We do not share your personal data with unauthorised third parties. However, we may, if necessary, share your personal data to carefully selected third parties acting on our behalf. This may include transfers to servers and databases outside the country where you provided us with your personal data. Such transfers may include for example transfers and/or disclosures outside the European Economic Area and in the United States of America.
If you are unsuccessful in your application, we may keep your details on file so that we can tell you about other suitable vacancies which may be of interest to you when they arise in the future. If you would rather we did not keep your details on file, you can contact us at email:
DPO@moneyboxapp.com
APPLY NOW