Security & IT Specialist

FINQ is on a mission to democratize investment and pension management by replacing outdated, conflicted systems with AI-driven financial products and services. We deliver transparent, personalized solutions—like SEC-compliant ETFs in the U.S. and a revolutionary digital pension platform in Israel. FINQ was founded by Nir Zuk, a technology visionary, and Eldad Tamir, a leading investment executive and entrepreneur.

Key Responsibilities

🔹 Cybersecurity & Data Protection (Internal & External)

Enforce strict in-house security policies to prevent unauthorized internal data access, copying, or extraction by employees or external parties.

Implement DLP (Data Loss Prevention) systems to monitor and restrict data transfers, ensuring no FINQ data is leaked or misused.

Secure network infrastructure, cloud environments, and endpoint devices from external cyber threats.

Oversee network security, endpoint security, cloud security, IAM, and SOC tools.

Regularly assess and update security protocols to stay ahead of cyber threats.

Manage IAM policies, ensuring employees can only access data relevant to their role.

Monitor third-party integrations, vendors, and service providers to ensure compliance with FINQ’s security standards.

🔹 IT Infrastructure & Security Operations

Monitor and document availability of all systems and external service providers by direct observation, remote connection, and through alerting systems and respond immediately to security or usability concerns.

Troubleshoot operational issues rapidly and analyze and resolve underlying issues to restore production systems and maintain continuity of business.

Maintain and optimize FINQ’s IT infrastructure, ensuring all systems, networks, and databases are secure.

Implement secure cloud storage policies and encryption techniques to protect sensitive financial data.

Manage user permissions, multi-factor authentication (MFA), and identity & access management (IAM) systems.

Oversee backup and disaster recovery strategies to ensure business continuity.

🔹 Security Compliance & Risk Management

Ensure compliance with financial security regulations, including SOC2, ISO 27001, GDPR, and other industry standards.

Conduct security audits, vulnerability assessments, and penetration tests to identify and mitigate risks.

Implement cybersecurity awareness training for employees to prevent internal security threats (e.g., phishing, insider threats).

Stay updated on emerging threats and security technologies, providing recommendations for continuous improvements.

🔹 Incident Response & Threat Mitigation

Develop and maintain incident response protocols to quickly detect, contain, and remediate cyberattacks.

Investigate and respond to security breaches, data leaks, or unauthorized access attempts.

Work with law enforcement and regulatory bodies when necessary to handle security incidents.

Requirements

✅ Experience & Skills:

5+ years of experience in IT security, cybersecurity, or network administration.

Strong knowledge of firewalls, VPNs, endpoint protection, and security monitoring tools.

Hands-on experience with cloud security (AWS, Azure, GCP).

Expertise in DLP (Data Loss Prevention), IAM (Identity & Access Management), and SIEM solutions.

Familiarity with financial security regulations (SOC 2, ISO 27001, GDPR, etc.).

Experience conducting security risk assessments, penetration testing, and vulnerability management.

✅ Preferred Qualifications:

Security certifications (CISSP, CISM, CEH, Security+) – a plus.

Experience in fintech, banking, or other financial institutions – a plus.