Information Security Analyst

  • Risk & Security
  • Remote job

Information Security Analyst

Job description


Xapo is a leading bitcoin wallet, and we have a mission to bring bitcoin to the everyday lives of people across the world.

Our business is growing fast, and we want to make sure we can keep providing the best quality support to our customers. We’re known for our fast responses to users, positive attitude, and a real desire to find the best working solutions to the people who chose to use Xapo’s products and services.


- High-level coordination and communication across various business units, overseeing operational execution of IT Security Policies, and ensuring regulatory IT Security compliance requirements
- Development, implementation, maintenance, enforcement and validation of information security policies, standards, methods and procedures
- Creation and reviewing of policies, procedures and processes to ensure compliance with changes in business or regulatory drivers
- Perform procedures and assessments necessary to ensure the safety of information system assets and to protect systems from intentional or inadvertent access or destruction
- Assess IT general controls and/or application layer security controls to ascertain whether they comply with XAPO Information Security policies and international standards
- Acquire a deep understanding of business processes and technology used within the areas to ensure that business is compliant with regulatory requirements and the XAPO Information Security Policy
- Investigate and document information security incidents
- Identify and evaluate technology risks internally and/or at third parties, internal controls which mitigate risks, and related opportunities for internal control improvements
- Ensure users understand and adhere to necessary procedures to maintain security.
- Build and implement an information security awareness program

Perks of working with Xapo

Absolute autonomy
Full-time remote work. Ideal location Latin America
Working as part of a global team
Learning from Silicon Valley’s brightest


5+ years of Risk Management, SOC1/2 and ISO 27001 Audits, Information Security controls
- Big 4, Consulting or IT internal audit experience.
- Information Security certification such as CISSP, CISSM, CRISC, CISA
- Knowledge of security controls for the handling of Personally Identifiable Information
(PII) data, regulations and security compliance requirements affecting financial institutions