It's all about who you work with. Opportunities below to join fantastic teams.


Information Security & Risk Senior Analyst (United Kingdom)



Edinburgh, UK
Posted on Friday, May 5, 2023

Who We Are

Addepar’s purpose is to maximize the positive impact of the world’s capital. More than 850 of the world’s leading financial services firms trust Addepar to unlock the power and possibility of informed, data-driven investing and advice. These family offices, wealth managers, banks and institutions use Addepar’s tech and data platform to deliver exceptional value to their clients in a modern, scalable and secure way.

Our clients use Addepar to manage and advise on more than $4 trillion in assets. Our board and investors are some of the best in the business: D1 Capital, WestCap, 8VC and Valor Equity Partners have led our last few rounds.

We’re now expanding Addepar’s business around the globe, with clients in more than 30 countries. We’re constantly doubling down on tech- and data-fueled innovation, and our product and platform roadmap is more ambitious today than ever. We place our clients at the center of everything we do, and see a virtually unlimited set of opportunities to expand our client footprint and deepen the value we can unlock by building together.

Addepar is a Forbes Fintech 50 company and an honored member of the CB Insights Fintech 250. Addepar embraces a global flexible workforce model with offices in Silicon Valley, New York City, Salt Lake City, Chicago, London, England, Edinburgh, Scotland and Pune, India.

*Marketplace and brokerage services provided by Acervus Securities, Inc., an SEC registered broker‑dealer and member FINRA / SIPC.

The Role

The Information Security & Risk (‘ISR’) organization at Addepar is focused on establishing clear, simple and consistent control frameworks, and providing effective oversight of information security and technology activities. This organization plays a critical role in helping to balance risk-taking activities and decisions with opportunities to manage risk.

The successful candidate will be skilled in supporting high-impact governance, risk and compliance programs that align to the size and maturity of our business.

As a member of the ISR team, you will play a critical role in leveling-up Addepar’s Information Security and Risk Program. This position requires an expert with who can work independently in a fast-paced environment and have an immediate impact!

What You’ll Do

  • Drive a more optimized Information Security and Risk Program, aligned with industry standard frameworks such as the NIST Cybersecurity Framework.
  • Lead independent risk assessments of our environment focusing on our platform and its supporting software, infrastructure, and tools.
  • Support build-out of an enterprise metrics program and risk reporting framework to communicate risk to senior management.
  • Partner with control owners, engineers and other teams to facilitate reviews of new products and services, to ensure risks are identified, communicated, and mitigated.
  • Support SOC2 reviews including project management, planning, and coordination across Addepar teams and external auditors.
  • Maintain Addepar Information Security & Risk policies and standards, aligning to business and Client needs.
  • Drive improvements and execution of security awareness programs.

Who You Are

  • 5+ years of experience managing, consulting, auditing, or working in the fields of Information security or Technology Risk required. AWS Cloud Security experience preferred.
  • Professional certification: AWS Certified Solutions Architect, AWS Certified Security Specialty, Certified Information Security Auditor (CISA) or Certified Information Systems Security Professional (CISSP)
  • Demonstrate strong analytical, communication, and problem solving skills.
  • Experience identifying and communicating key risks related to cloud implementations and architectures
  • Ability to manage multiple high-visibility and high-impact projects while maintaining superior results.
  • Familiarity with control frameworks (e.g. NIST Cybersecurity Framework, NIST 800-53, ISO) and SOC2 audit compliance.

Our Values

  • Act Like an Owner - Think and operate with intention, purpose and care. Own outcomes.
  • Build Together - Collaborate to unlock the best solutions. Deliver lasting value.
  • Champion Our Clients - Exceed client expectations. Our clients’ success is our success.
  • Drive Innovation - Be bold and unconstrained in problem solving. Transform the industry.
  • Embrace Learning - Engage our community to broaden our perspective. Bring a growth mindset.

In addition to our core values, Addepar is proud to be an equal opportunity employer. We seek to bring together diverse ideas, experiences, skill sets, perspectives, backgrounds and identities to drive innovative solutions. We commit to promoting a welcoming environment where inclusion and belonging are held as a shared responsibility.

To ensure the health and safety of all Addepeeps and our prospective candidates, we have instituted a virtual interview and onboarding experience.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.