Senior Information Security Process Analyst - Europe

  • Xapo
  • Europe
  • Jun 29, 2018
Full time Risk Security

Job Description


At Xapo, the largest custodian of Bitcoin in the world, we offer the convenience you would expect from an online checking account with the high tech security of our Bitcoin vault.Our business is growing fast, and we want to make sure we can keep providing the best quality support to our customers. We are looking for an experienced

Information Security Process Analyst based in Europe who can actively contribute to a challenging / technological work environment.



  • High-level coordination and communication across various business units, overseeing operational execution of Global IT Security Policies, and ensuring regulatory IT Security compliance requirements are being met

  • Enforcement and validation of Global information security policies, standards and procedures

  • Assess IT general controls and/or application layer security controls to ensure compliance with XAPO Global Information Security policies, international standards, best practices and regulations, especially in the European Union (GDPR, the new Data Privacy Regulation in the EU)

  • Deep understanding of business processes and technology used within the areas to ensure compliance with regulatory requirements and the XAPO Information Security Policy and applicable procedures, processes and standards

  • Identify and evaluate technology risks internally and/or at third parties, internal controls which mitigate risks, and related opportunities for internal control improvements

  • Ensure users understand and adhere to policies and procedures including implementation and enforcement of an information Security awareness program

Some Perks of working with Xapo


Absolute autonomy

Remote work enviroment

Working as part of a global team

Learning from Silicon Valley’s brightest



  • 5 years or more as an auditor or in audit departments

  • Proven experience in  SOC1/2 Reports and ISO 27001 Certification, Information Security controls - Big 4, Consulting or IT internal audit experience.

  • Have understanding or work experience with GDPR, the new Data Privacy Regulation in the EU.

  • Information Security certification such as CISSP, CISSM, CRISC, CISA or equivalent desirable.

  • Deep understanding  and experience on implementation of Policies for Data Privacy and Security controls for protection of Personal Data and Personally Identifiable Information

  • Privacy regulations and security compliance requirements affecting Global financial institutions (i.e. GDPR)

  • To be located in Europe

Additional Skills

- Knowledge in various cybersecurity areas such as: Identity and Access Management, Threat and Vulnerability - Management, Information Risk and Governance, IT Architecture, Monitoring, Incident Response and Security Strategy, Physical Security and/or Business Resiliency

- Good written and verbal communication skills for report writing, business requirement proposals, technical policies, and methodology documentation.

- Strong analytical, problem solving, organizational, documentation; time management skills and attention to details

- Good analytical and problem-solving skills coupled with thoroughness and attention to detail is highly desired

- Ability to optimize and condense information and transform data into easily understandable concepts

- Technical skills in MS Excel, PowerPoint, Word, and Project

- Fluent in English. Speak a second language ideal, preferably Spanish, but not a requirement.