Information Security Risk Manager

About this role

Requirements

• We are looking for an information security expert with a great eye for risk reduction and continual improvement opportunities. You’ll join an ambitious team of highly motivated GRC specialists, who interface with all areas of the business in order to identify and manage risk at Tide. The ideal candidate will have:
• At least 7 years experience in an information security GRC role
• Experience managing and leading cross-functional projects
• Excellent communication and stakeholder management skills
• Experience in a financially regulated environment – preferably in technology-driven & scale-up environments or consulting & audit environments
• Good technical knowledge in the field of information security
• Experience oversighting information security controls in a modern corporate environment (cloud-based, infrastructure-as-code, zero trust)
• Experience implementing and/or managing an ISMS in accordance with ISO 27001:2022
• Familiarity with common security and GRC tooling
• WHAT YOU’LL GET IN RETURN:
• Our location-specific employee benefits are designed to cater to the unique needs of Tideans:
• Competitive Compensation - competitive salary and share options
• Time Off – Generous annual leave on top of bank holidays
• Parental Leave – Paid maternity, paternity, and adoption leave to support your family journey
• Sabbatical – Extended unpaid and paid leave options after completing milestone years with Tide
• Health Insurance – Private health insurance with Bulgaria Zdrave, including extra dental care
• Mental Wellbeing – Access to therapy sessions, courses, meditations, and workshops
• Volunteering & Development Days – Paid days annually for volunteering or personal growth
• Learning & Development – Annual budget for books, courses, coaching, and more
• WOO (Work Outside the Office) – Work from abroad for up to 90 days annually
• Home Office Setup – Contribution towards setting up your home office
• Laptop Ownership – Keep your old laptop and get a new one when it’s time for a replacement
• Fully Covered Multi Sports Card – Granting access to hundreds of gyms and pools across Bulgaria
• Monthly Food Vouchers -– Monthly food vouchers to enjoy your favorite meals with Edenred +
• Snacks & Meals – Daily breakfast spread with all-day coffee, tea, and juices
• TIDEAN WAYS OF WORKING
• At Tide, we champion a flexible workplace model that supports both in-person and remote work to cater to the specific needs of our different teams.
• While remote work is supported, we believe in the power of face-to-face interactions to foster team spirit and collaboration. Our offices are designed as hubs for innovation and team-building, where we encourage regular in-person gatherings to foster a strong sense of community.
• TIDE IS A PLACE FOR EVERYONE
• At Tide, we believe that we can only succeed if we let our differences enrich our culture. Our Tideans come from a variety of backgrounds and experience levels. We consider everyone irrespective of their ethnicity, religion, sexual orientation, gender identity, family or parental status, national origin, veteran, neurodiversity or differently-abled status. We celebrate diversity in our workforce as a cornerstone of our success. Our commitment to a broad spectrum of ideas and backgrounds is what enables us to build products that resonate with our members’ diverse needs and lives.
• We are One Team and foster a transparent and inclusive environment, where everyone’s voice is heard.
• At Tide, we thrive on diversity, embracing various backgrounds and experiences. We welcome all individuals regardless of ethnicity, religion, sexual orientation, gender identity, or disability. Our inclusive culture is key to our success, helping us build products that meet our members' diverse needs. We are One Team, committed to transparency and ensuring everyone’s voice is heard.
• Disclaimer
• It has come to our attention that individuals or agencies are falsely claiming to represent Tide and are reaching out to candidates regarding job opportunities. Please be aware that:
• Tide does not charge any fees at any stage of the recruitment process.
• All official Tide job opportunities are listed exclusively on our Careers Page and applications should be submitted through this channel.
• Communication from Tide will only come from an official @tide.co email address.
• Tide does not work with agencies or recruiters without prior formal engagement, and we do not authorize third parties to make job offers on our behalf.
• If you are contacted by anyone misrepresenting Tide or requesting payment, please treat it as fraudulent and report it to us immediately at talent@tide.co
• Your safety and trust are important to us, and we are committed to ensuring a fair and transparent recruitment process.
• Tide leverages AI to enhance our hiring experience. You can read more about how we use AI in our recruitment process in our AI Policy.
• Your personal data will be processed by Tide for recruitment purposes and in accordance with Tide's Recruitment Privacy Notice.

About Tide

At Tide we help SMEs save time (and money) in the running of their businesses by not only offering business accounts and related banking services, but also a comprehensive set of highly usable and connected administrative solutions from invoicing to accounting. Tide is transforming the small business banking market with over 1.8 million members globally across the UK, India, Germany and France. Using advanced technology, all solutions are designed with SMEs in mind. With quick onboarding, low fees and innovative features, we thrive on making data-driven decisions to serve our mission: to help SMEs save both time (and money) so they can get back to doing what they love. Tide facts: Tide is available for UK, Indian, German and French SMEs Over 1.8 million members: 800,000 UK and 1,000,000 in India and growing rapidly Over $300 million raised in funding Over 2,500 Tideans globally - we’re diversity champions! We have offices in Central London, with a member support and technology centre in Sofia, Bulgaria, technology centres in Serbia, Romania, Lithuania and Hyderabad and offices in Gurugram and New Delhi, and in Berlin, Paris and Luxembourg. ABOUT THE TEAM: The Information Security Risk team is a 2nd line of defence (2LOD) team that manages Tide’s information security governance, risk & compliance programme. As part of the wider Risk & Compliance team, the Infosec Risk team works closely with 1LOD control owners such as the InfoSec, IT and Cloud teams, in order to ensure continued compliance and risk management. ABOUT THE ROLE: As Information Security Risk Manager you’ll be: Managing information security risk in accordance with Tide’s global Risk Management Framework. Managing Tide’s Information Security Management System (ISMS). Working with 1LOD stakeholders across the business in order to deliver risk mitigation initiatives. Ensuring alignment with industry recognised information security control frameworks and standards, such as ISO 27001, PCI DSS, NIST CSF. Conducting information security risk assessments and control oversight. Defining and measuring key risk indicators and ISMS performance metrics. Creating data driven GRC reporting and delivering to senior management. Facilitating external audit requirements, and working with stakeholders across 1LOD and 3LOD to close information security audit findings. Reinforcing a strong security culture throughout the business. Ensuring Tide’s compliance with applicable regulatory requirements, and keeping abreast of new regulatory and compliance developments.