checkout.com - InfoSec Analyst II

• 2 to 4 years of experience in information security, IT audit, or a closely related function, ideally within payments, financial services, or fintech. • Demonstrated working knowledge across more than one of the following domains: GRC, AI governance, AppSec, technology risk, or data governance. Depth in one or two with credible breadth across the others is the target profile. • Practical experience with one or more major compliance frameworks: PCI DSS (v4.0.1 preferred), ISO 27001, SOC 2, DORA, NIST CSF, or equivalent. • Experience supporting or managing external audits, assessments, or regulatory engagements including evidence collation and assessor liaison. • Demonstrated ability to own a workstream independently, from scoping through to delivery, without requiring constant direction. • Strong analytical and process-oriented mindset. You look for root causes and systemic fixes, not just point-in-time remediation. • Clear written and verbal communication. You can translate security concepts for technical teams and business stakeholders with equal clarity. • Comfortable operating with ambiguity across a complex domain landscape. You can prioritise without perfect information. • Collaborative and pragmatic. You understand that security must work with the business and that influence matters as much as expertise. • Methodical and well-organised, with a track record of delivering on commitments across concurrent workstreams. • Relevant certification in one or more domains: CISA, CISM, CISSP, PCIP, ISO 27001 Lead Implementer or Auditor, Certified AppSec Practitioner (CAP), or equivalent. • Familiarity with cloud environments (AWS, Azure, GCP) from a security or compliance perspective. • Exposure to AI and ML systems from a risk, governance, or security perspective. • Experience with security or GRC tooling such as Wiz, Qualys, Microsoft Sentinel, ServiceNow GRC, or similar. • Understanding of agentic AI and LLM security risks including OWASP LLM Top 10, prompt injection, and data exfiltration vectors. • HYBRID WORKING MODEL • All of our offices globally are onsite three times per week (Tuesday, Wednesday, and Thursday). We've worked towards enabling teams to work collaboratively in the same space while also being able to partner with colleagues globally. During your days at the office, we offer great snacks, breakfast, and lunch options in all of our locations. • It’s important we set you up for success and make our process as accessible as possible. So let us know in your application, or tell your recruiter directly, if you need anything to make your experience or working environment more comfortable. • Life at Checkout.com http://Checkout.com • We understand that work is just one part of your life. Our hybrid working model offers flexibility, with three days per week in the office to support collaboration and connection. • Curious about what it’s like to be part of our team? Visit our Careers Page https://www.checkout.com/careers to learn more about our culture, open roles, and what drives us. • For a closer look at daily life at Checkout.com http://Checkout.com, follow us on LinkedIn https://www.linkedin.com/company/checkout/life/ and Instagram https://www.instagram.com/checkout_com/