Senior Information Security Risk Analyst

Digital assets are redefining how wealth is created, used, and transferred. Since 2018 at Nexo, we have been building the future model of financial wealth - dynamic, accessible, and designed for a new generation of forward-thinking investors.

But technology alone doesn’t drive progress. People do.

We are a team of builders, strategists, analysts, creatives, and operators united by a shared mindset: advancement. We move fast, think long term, and take ownership. We challenge ideas, not people. We value clarity over noise and impact over optics.

We shape industry trends. We rethink how wealth works and build solutions that reflect that belief.

That requires a certain kind of person.

You will thrive here when you think independently and act decisively, take ownership without waiting for permission, and care deeply about quality, long-term value, and disciplined execution. The people who succeed at Nexo bring analytical depth, sound judgment, and resilience - but also curiosity and the drive to keep improving.

This is an environment for people who want to lead, create, and elevate what already exists. If building what’s next excites you, you’ll feel at home at Nexo.

Official website: [nexo.com](

[](

• Create and maintain security standards, policies, and procedures aligned with current and emerging cyber risks.


• Identify and assess technology risks, ensuring appropriate IT controls and operational processes are in place to mitigate them.


• Develop and maintain a comprehensive risk assessment process, including an internal risk register to track all technology risks to completion.


• Develop risk reporting for management and track remediation progress.


• Own and manage the third-party risk assessment process, including coordination of external security assessments and audits.


• Support the Data Governance program and maintain applicable information security policies and standards.


• Document IT processes, risks, and controls in a GRC solution.


• Develop, document, and maintain security incident reporting processes and procedures, including stakeholder communication.

• 3 to 5 years of experience in information security risk, audit, or a closely related field.


• Experience developing enterprise risk reporting, including risk appetite definitions, key risk indicators, and key performance indicators.


• Experience independently updating corporate security policies, standards, and procedures, and identifying opportunities to improve efficiency.


• Experience leading periodic audits of IT procedures and technology implementations to confirm compliance with regulatory standards, contractual agreements, and internal policy.


• Experience developing and delivering information and technology risk training material.


• Familiarity with GRC platforms and the ability to document IT processes, risks, and controls within them.


• Strong written communication skills, with experience producing risk reports and incident documentation for senior stakeholders.

• Bachelor's degree in computer science, information systems, or a related field — equivalent experience in progressively senior technology or consulting roles will be considered.


• Familiarity with security frameworks and standards such as COBIT, ISO 27001, and PCI-DSS.


• One or more of the following certifications: CISA, CISM, CRISC, or CISSP.


• Knowledge of IT audit best practices and privacy domains.

• Competitive and rewarding remuneration package.


• Annual performance-based bonuses.


• Comprehensive Learning Hub for continuous growth.


• Hybrid work model: primarily office-based with scheduled home office flexibility.


• A dynamic and inspiring environment with cutting-edge projects.


• Career development opportunities in a global leader driving the next generation of wealth.


• Customizable personal benefits package.


• Wellness benefits include additional health insurance, all-access sports cards, team-wide sports activities, standing desks, and blue light glasses.


• Parking and public transportation cards at preferential rates, plus free electric bikes.


• Fresh fruits, snacks, and a well-stocked office kitchen.


• Regular department team buildings and company-wide team buildings.