Cybersecurity & Data Protection

Key Responsibilities

Cybersecurity & Data Protection (Internal & External)

• Enforce strict in-house security policies to prevent unauthorized internal data access, copying, or extraction by employees or external parties.
• Implement DLP (Data Loss Prevention) systems to monitor and restrict data transfers, ensuring no FINQ data is leaked or misused.
• Secure network infrastructure, cloud environments, and endpoint devices from external cyber threats.
• Oversee network security, endpoint security, cloud security, IAM, and SOC tools.
• Regularly assess and update security protocols to stay ahead of cyber threats.
• Manage IAM policies, ensuring employees can only access data relevant to their role.
• Monitor third-party integrations, vendors, and service providers to ensure compliance with FINQ’s security standards.

IT Infrastructure & Security Operations

• Monitor and document availability of all systems and external service providers by direct observation, remote connection, and through alerting systems and respond immediately to security or usability concerns.
• Troubleshoot operational issues rapidly and analyze and resolve underlying issues to restore production systems and maintain continuity of business.
• Maintain and optimize FINQ’s IT infrastructure, ensuring all systems, networks, and databases are secure.
• Implement secure cloud storage policies and encryption techniques to protect sensitive financial data.
• Manage user permissions, multi-factor authentication (MFA), and identity & access management (IAM) systems.
• Oversee backup and disaster recovery strategies to ensure business continuity.

Security Compliance & Risk Management

• Ensure compliance with financial security regulations, including SOC2, ISO 27001, GDPR, and other industry standards.
• Conduct security audits, vulnerability assessments, and penetration tests to identify and mitigate risks.
• Implement cybersecurity awareness training for employees to prevent internal security threats (e.g., phishing, insider threats).
• Stay updated on emerging threats and security technologies, providing recommendations for continuous improvements.

Incident Response & Threat Mitigation

• Develop and maintain incident response protocols to quickly detect, contain, and remediate cyberattacks.
• Investigate and respond to security breaches, data leaks, or unauthorized access attempts.
• Work with law enforcement and regulatory bodies when necessary to handle security incidents.

Requirements

Experience & Skills:

• 5+ years of experience in IT security, cybersecurity, or network administration.
• Strong knowledge of firewalls, VPNs, endpoint protection, and security monitoring tools.
• Hands-on experience with cloud security (AWS, Azure, GCP).
• Expertise in DLP (Data Loss Prevention), IAM (Identity & Access Management), and SIEM solutions.
• Familiarity with financial security regulations (SOC 2, ISO 27001, GDPR, etc.).
• Experience conducting security risk assessments, penetration testing, and vulnerability management.

Preferred Qualifications:

• Security certifications (CISSP, CISM, CEH, Security+) – a plus.
• Experience in fintech, banking, or other financial institutions – a plus.